urlscan.io logo urlscan.io
SecurityTrails logo

appleinsider.com Open in urlscan Pro
2606:4700:20::6818:1259  Public Scan

Go To Rescan Add Verdict Report
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Submission: On March 19 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 71 IPs in 9 countries across 64 domains to perform 410 HTTP transactions. The main IP is 2606:4700:20::6818:1259, located in United States and belongs to CLOUDFLARENET, US. The main domain is appleinsider.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 30th 2020. Valid for: a year.
This is the only time appleinsider.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
34 2606:4700:20:... 13335 (CLOUDFLAR...)
11 2606:4700:20:... 13335 (CLOUDFLAR...)
26 142.250.186.162 15169 (GOOGLE)
3 104.17.120.107 13335 (CLOUDFLAR...)
5 13.226.158.204 16509 (AMAZON-02)
5 2606:4700:7::... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 4 2620:116:800d... 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
20 185.220.204.220 41436 (CLOUDWEBM...)
1 184.30.20.141 16625 (AKAMAI-AS)
1 2600:9000:218... 16509 (AMAZON-02)
1 18.196.104.43 16509 (AMAZON-02)
5 136.144.59.88 54825 (PACKET)
1 18.195.155.181 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
6 184.30.20.198 16625 (AKAMAI-AS)
4 4 185.94.180.126 35220 (SPOTX-AMS)
4 4 35.244.159.8 15169 (GOOGLE)
29 45.83.41.102 204548 (CLOUDWEBM...)
3 4 52.58.45.227 16509 (AMAZON-02)
1 1 116.202.114.114 24940 (HETZNER-AS)
7 9 184.30.20.241 16625 (AKAMAI-AS)
6 6 37.252.172.45 29990 (ASN-APPNEX)
4 2a00:1450:400... 15169 (GOOGLE)
1 5 52.95.116.38 16509 (AMAZON-02)
13 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
52 2a00:1450:400... 15169 (GOOGLE)
1 18.194.215.242 16509 (AMAZON-02)
1 3 185.64.189.115 62713 (AS-PUBMATIC)
2 104.108.50.124 16625 (AKAMAI-AS)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 9 69.173.144.165 26667 (RUBICONPR...)
1 1 69.173.144.138 26667 (RUBICONPR...)
12 20 142.250.185.194 15169 (GOOGLE)
2 2 185.29.133.52 30419 (MEDIAMATH...)
4 5 151.101.114.49 54113 (FASTLY)
4 5 52.214.43.215 16509 (AMAZON-02)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
4 2606:4700::68... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 29 2606:4700::68... 13335 (CLOUDFLAR...)
3 4 35.156.153.71 16509 (AMAZON-02)
3 4 3.126.56.137 16509 (AMAZON-02)
42 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 216.52.2.30 29791 (VOXEL-DOT...)
2 7 185.64.190.80 62713 (AS-PUBMATIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 3.120.24.152 16509 (AMAZON-02)
2 2 54.149.211.134 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
1 2a05:d01c:1d8... 16509 (AMAZON-02)
2 2 213.155.156.166 1299 (TELIANET ...)
1 178.250.0.163 44788 (ASN-CRITE...)
3 3 52.214.70.9 16509 (AMAZON-02)
1 185.86.139.115 201081 (SMARTADSE...)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
9 185.64.189.110 62713 (AS-PUBMATIC)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 77.243.60.138 42697 (NETIC-AS)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.189.249 62713 (AS-PUBMATIC)
2 2 37.157.2.238 198622 (ADFORM)
2 2 35.210.215.44 19527 (GOOGLE-2)
1 2a00:1288:110... 34010 (YAHOO-IRD)
1 185.64.189.114 62713 (AS-PUBMATIC)
1 1 2001:678:cb4:... 56396 (TURN)
1 1 178.62.202.251 14061 (DIGITALOC...)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 159.253.128.188 36351 (SOFTLAYER)
1 1 34.98.107.212 15169 (GOOGLE)
1 1 52.58.248.2 16509 (AMAZON-02)
1 34.120.25.144 15169 (GOOGLE)
1 1 23.210.250.154 16625 (AKAMAI-AS)
1 34.252.7.224 16509 (AMAZON-02)
1 1 104.108.41.56 16625 (AKAMAI-AS)
1 54.89.230.82 14618 (AMAZON-AES)
410 71
34    2606:4700:20::6818:1259 (United States)

ASN13335 (CLOUDFLARENET, US)
appleinsider.com
photos5.appleinsider.com
forums.appleinsider.com
11    2606:4700:20::ac43:529a (United States)

ASN13335 (CLOUDFLARENET, US)
photos5.appleinsider.com
26    142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net
securepubads.g.doubleclick.net
partner.googleadservices.com
3    104.17.120.107 (United States)

ASN13335 (CLOUDFLARENET, US)
biddr.brealtime.com
5    13.226.158.204 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-158-204.dus51.r.cloudfront.net
c.amazon-adsystem.com
5    2606:4700:7::a29f:804f (United States)

ASN13335 (CLOUDFLARENET, US)
vanillicon.com
2    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
4    2606:4700::6813:9408 (United States)

ASN13335 (CLOUDFLARENET, US)
script.crazyegg.com
20    185.220.204.220 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.sekindo.com
1    184.30.20.141 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-141.deploy.static.akamaitechnologies.com
cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com
1    2600:9000:2182:a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    18.196.104.43 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
hb.emxdgt.com
5    136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
4    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    184.30.20.198 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-198.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    185.94.180.126 (United States)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
4    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
us-u.openx.net
29    45.83.41.102 (Frankfurt am Main, Germany)

ASN204548 (CLOUDWEBMANAGE-IL-FR, US)
video.sekindo.com
4    52.58.45.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-45-227.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    116.202.114.114 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.114.114.202.116.clients.your-server.de
csync.loopme.me
9    184.30.20.241 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-241.deploy.static.akamaitechnologies.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
6    37.252.172.45 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
ib.adnxs.com
4    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
5    52.95.116.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
13    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.ch
www.googletagservices.com
2    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
4    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
52    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    18.194.215.242 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
ads.adaptv.advertising.com
3    185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    104.108.50.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    2a02:fa8:8806:16::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
amazon-tam-match.dotomi.com
9    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
pixel.rubiconproject.com
1    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
20    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
cm.g.doubleclick.net
2    185.29.133.52 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
5    151.101.114.49 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
5    52.214.43.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
match.adsrvr.org
1    2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
4    2606:4700::6812:417 (United States)

ASN13335 (CLOUDFLARENET, US)
tags.expo9.exponential.com
3    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
29    2606:4700::6812:c05 (United States)

ASN13335 (CLOUDFLARENET, US)
s.tribalfusion.com
a.tribalfusion.com
4    35.156.153.71 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
pixel.advertising.com
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
42    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
4    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
14    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
3    2a00:1450:400f:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
6    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
3    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
googleads4.g.doubleclick.net
1    2a00:1450:4001:813::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
7    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    3.120.24.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
d.agkn.com
2    54.149.211.134 (Boardman, United States)

ASN16509 (AMAZON-02, US)
e.dlx.addthis.com
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
odr.mookie1.com
1    2a05:d01c:1d8:8102:73b:46ad:270f:ab37 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
ag.innovid.com
2    213.155.156.166 (Sweden)

ASN1299 (TELIANET Telia Carrier, SE)
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
3    52.214.70.9 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-70-9.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    185.86.139.115 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
9    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
1    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
visitor.fiftyt.com
1    185.64.189.249 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    37.157.2.238 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
2    35.210.215.44 (Brussels, Belgium)

ASN19527 (GOOGLE-2, US)
ads.programattik.com
1    2a00:1288:110:c305::8000 (United Kingdom)

ASN34010 (YAHOO-IRD, GB)
pr-bh.ybp.yahoo.com
1    185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (TURN, GB)
ad.turn.com
1    178.62.202.251 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    2a02:fa8:8806:12::1400 (United States)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.253.128.188 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER, US)
PTR: bc.80.fd9f.ip4.static.sl-reverse.com
um.simpli.fi
1    34.98.107.212 (Kansas City, United States)

ASN15169 (GOOGLE, US)
ads.playground.xyz
1    52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.120.25.144 (Kansas City, United States)

ASN15169 (GOOGLE, US)
public-prod-dspcookiematching.dmxleo.com
1    23.210.250.154 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-154.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.252.7.224 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
beacon.krxd.net
1    104.108.41.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-41-56.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.89.230.82 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
emxhb.emxdgt.com
Apex Domain
Subdomains		 Transfer
98 googlesyndication.com
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
1 MB
57 doubleclick.net
securepubads.g.doubleclick.net
cm.g.doubleclick.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
300 KB
49 sekindo.com
live.sekindo.com
video.sekindo.com
894 KB
45 appleinsider.com
appleinsider.com
photos5.appleinsider.com
forums.appleinsider.com
3 MB
29 tribalfusion.com
s.tribalfusion.com
a.tribalfusion.com
18 KB
27 pubmatic.com
ads.pubmatic.com
image6.pubmatic.com
image2.pubmatic.com
simage2.pubmatic.com
aud.pubmatic.com
image4.pubmatic.com
76 KB
15 googletagservices.com
www.googletagservices.com
486 KB
12 rubiconproject.com
eus.rubiconproject.com
token.rubiconproject.com
pixel-eu.rubiconproject.com
pixel.rubiconproject.com
17 KB
11 google.com
adservice.google.com
www.google.com
2 KB
11 gstatic.com
fonts.gstatic.com
csi.gstatic.com
www.gstatic.com
112 KB
10 amazon-adsystem.com
c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
72 KB
9 casalemedia.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
ssum.casalemedia.com
8 KB
6 ampproject.org
cdn.ampproject.org
114 KB
6 yahoo.com
ads.yahoo.com
ups.analytics.yahoo.com
pr-bh.ybp.yahoo.com
5 KB
6 adnxs.com
secure.adnxs.com
ib.adnxs.com
6 KB
5 google.de
adservice.google.de
1 KB
5 adsrvr.org
match.adsrvr.org
2 KB
5 everesttech.net
sync-tm.everesttech.net
1 KB
5 advertising.com
ads.adaptv.advertising.com
pixel.advertising.com
1 KB
5 a-mo.net
prebid.a-mo.net
1 KB
5 vanillicon.com
vanillicon.com
5 KB
4 googleadservices.com
partner.googleadservices.com
656 B
4 exponential.com
tags.expo9.exponential.com
56 KB
4 bidswitch.net
x.bidswitch.net
1 KB
4 openx.net
u.openx.net
us-u.openx.net
1 KB
4 spotxchange.com
sync.search.spotxchange.com
3 KB
4 googleapis.com
fonts.googleapis.com
3 KB
4 crazyegg.com
script.crazyegg.com
37 KB
4 quantserve.com
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
10 KB
3 bidr.io
match.prod.bidr.io
1 KB
3 emxdgt.com
hb.emxdgt.com
e1.emxdgt.com
emxhb.emxdgt.com
519 B
3 brealtime.com
biddr.brealtime.com
71 KB
2 sitescout.com
pixel-sync.sitescout.com
947 B
2 programattik.com
ads.programattik.com
1 KB
2 adform.net
c1.adform.net
822 B
2 fiftyt.com
visitor.fiftyt.com
990 B
2 de17a.com
d5p.de17a.com
637 B
2 addthis.com
e.dlx.addthis.com
2 KB
2 agkn.com
d.agkn.com
aa.agkn.com
995 B
2 lijit.com
ap.lijit.com
1 KB
2 mathtag.com
sync.mathtag.com
1 KB
2 dotomi.com
amazon-tam-match.dotomi.com
pubmatic-match.dotomi.com
104 B
2 google-analytics.com
www.google-analytics.com
19 KB
1 bluekai.com
tags.bluekai.com
820 B
1 krxd.net
beacon.krxd.net
337 B
1 stickyadstv.com
ads.stickyadstv.com
749 B
1 dmxleo.com
public-prod-dspcookiematching.dmxleo.com
176 B
1 playground.xyz
ads.playground.xyz
484 B
1 simpli.fi
um.simpli.fi
607 B
1 bidtheatre.com
match.adsby.bidtheatre.com
550 B
1 turn.com
ad.turn.com
518 B
1 semasio.net
uipglob.semasio.net
253 B
1 zeotap.com
mwzeom.zeotap.com
596 B
1 adition.com
dsp.adfarm1.adition.com
501 B
1 smartadserver.com
rtb-csync.smartadserver.com
163 B
1 criteo.com
dis.criteo.com
284 B
1 innovid.com
ag.innovid.com
296 B
1 mookie1.com
odr.mookie1.com
606 B
1 2mdn.net
s0.2mdn.net
18 KB
1 rlcdn.com
id.rlcdn.com
66 B
1 google.ch
adservice.google.ch
165 B
1 loopme.me
csync.loopme.me
243 B
1 quantcount.com
rules.quantcount.com
357 B
1 rackcdn.com
cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com
2 KB
410 64
Domain Requested by
52 tpc.googlesyndication.com securepubads.g.doubleclick.net
googleads.g.doubleclick.net
tpc.googlesyndication.com
appleinsider.com
pagead2.googlesyndication.com
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
cdn.ampproject.org
42 pagead2.googlesyndication.com s.tribalfusion.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
securepubads.g.doubleclick.net
appleinsider.com
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
www.googletagservices.com
41 photos5.appleinsider.com appleinsider.com
photos5.appleinsider.com
live.sekindo.com
29 video.sekindo.com appleinsider.com
22 securepubads.g.doubleclick.net appleinsider.com
securepubads.g.doubleclick.net
www.googletagservices.com
googleads.g.doubleclick.net
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
20 s.tribalfusion.com tags.expo9.exponential.com
s.tribalfusion.com
20 cm.g.doubleclick.net 12 redirects eus.rubiconproject.com
googleads.g.doubleclick.net
appleinsider.com
20 live.sekindo.com photos5.appleinsider.com
live.sekindo.com
appleinsider.com
15 www.googletagservices.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
13 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
appleinsider.com
9 a.tribalfusion.com 6 redirects s.tribalfusion.com
9 simage2.pubmatic.com image6.pubmatic.com
ads.pubmatic.com
7 image2.pubmatic.com 2 redirects image6.pubmatic.com
ads.pubmatic.com
7 fonts.gstatic.com fonts.googleapis.com
6 cdn.ampproject.org googleads.g.doubleclick.net
6 adservice.google.com securepubads.g.doubleclick.net
pagead2.googlesyndication.com
6 ads.pubmatic.com live.sekindo.com
ads.pubmatic.com
aax-eu.amazon-adsystem.com
5 dsum-sec.casalemedia.com 3 redirects googleads.g.doubleclick.net
5 www.google.com 1 redirects googleads.g.doubleclick.net
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
5 adservice.google.de pagead2.googlesyndication.com
5 match.adsrvr.org 4 redirects eus.rubiconproject.com
5 sync-tm.everesttech.net 4 redirects appleinsider.com
5 pixel.rubiconproject.com 1 redirects eus.rubiconproject.com
s.tribalfusion.com
5 aax-eu.amazon-adsystem.com 1 redirects c.amazon-adsystem.com
aax-eu.amazon-adsystem.com
eus.rubiconproject.com
ads.pubmatic.com
5 prebid.a-mo.net biddr.brealtime.com
appleinsider.com
5 vanillicon.com appleinsider.com
5 c.amazon-adsystem.com appleinsider.com
c.amazon-adsystem.com
live.sekindo.com
4 partner.googleadservices.com pagead2.googlesyndication.com
4 ups.analytics.yahoo.com 3 redirects appleinsider.com
4 pixel.advertising.com 3 redirects appleinsider.com
4 tags.expo9.exponential.com securepubads.g.doubleclick.net
4 token.rubiconproject.com 3 redirects eus.rubiconproject.com
4 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 x.bidswitch.net 3 redirects appleinsider.com
4 sync.search.spotxchange.com 4 redirects
4 fonts.googleapis.com appleinsider.com
googleads.g.doubleclick.net
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
4 script.crazyegg.com photos5.appleinsider.com
script.crazyegg.com
3 match.prod.bidr.io 3 redirects
3 ib.adnxs.com 3 redirects
3 csi.gstatic.com tpc.googlesyndication.com
securepubads.g.doubleclick.net
3 image6.pubmatic.com 1 redirects ads.pubmatic.com
3 secure.adnxs.com 3 redirects
3 forums.appleinsider.com appleinsider.com
photos5.appleinsider.com
forums.appleinsider.com
3 biddr.brealtime.com appleinsider.com
biddr.brealtime.com
2 us-u.openx.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 ads.programattik.com 2 redirects
2 c1.adform.net 2 redirects
2 visitor.fiftyt.com 2 redirects
2 d5p.de17a.com 2 redirects
2 e.dlx.addthis.com 2 redirects
2 ssum.casalemedia.com 2 redirects
2 ap.lijit.com 2 redirects
2 googleads4.g.doubleclick.net googleads.g.doubleclick.net
2 sync.mathtag.com 2 redirects
2 eus.rubiconproject.com aax-eu.amazon-adsystem.com
eus.rubiconproject.com
2 ssum-sec.casalemedia.com 2 redirects
2 u.openx.net 2 redirects
2 pixel.quantserve.com 1 redirects appleinsider.com
2 www.google-analytics.com appleinsider.com
www.google-analytics.com
1 emxhb.emxdgt.com biddr.brealtime.com
1 tags.bluekai.com 1 redirects
1 beacon.krxd.net s.tribalfusion.com
1 ads.stickyadstv.com 1 redirects
1 public-prod-dspcookiematching.dmxleo.com s.tribalfusion.com
1 aa.agkn.com 1 redirects
1 ads.playground.xyz 1 redirects
1 um.simpli.fi ads.pubmatic.com
1 pubmatic-match.dotomi.com ads.pubmatic.com
1 match.adsby.bidtheatre.com 1 redirects
1 ad.turn.com 1 redirects
1 image4.pubmatic.com ads.pubmatic.com
1 pr-bh.ybp.yahoo.com ads.pubmatic.com
1 aud.pubmatic.com ads.pubmatic.com
1 uipglob.semasio.net ads.pubmatic.com
1 mwzeom.zeotap.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 rtb-csync.smartadserver.com image6.pubmatic.com
1 dis.criteo.com image6.pubmatic.com
1 ag.innovid.com googleads.g.doubleclick.net
1 odr.mookie1.com googleads.g.doubleclick.net
1 d.agkn.com 1 redirects
1 cms.quantserve.com googleads.g.doubleclick.net
1 www.gstatic.com 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
1 s0.2mdn.net 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 pixel-eu.rubiconproject.com 1 redirects
1 amazon-tam-match.dotomi.com aax-eu.amazon-adsystem.com
1 ads.adaptv.advertising.com live.sekindo.com
1 adservice.google.ch securepubads.g.doubleclick.net
1 csync.loopme.me 1 redirects
1 e1.emxdgt.com biddr.brealtime.com
1 hb.emxdgt.com biddr.brealtime.com
1 rules.quantcount.com secure.quantserve.com
1 cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com appleinsider.com
1 secure.quantserve.com appleinsider.com
1 appleinsider.com
410 98
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-30 -
2021-07-30		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.brealtime.com
Go Daddy Secure Certificate Authority - G2		 2020-01-22 -
2022-03-22		 2 years crt.sh
c.amazon-adsystem.com
Amazon		 2020-08-04 -
2021-08-02		 a year crt.sh
vanillicon.com
Cloudflare Inc ECC CA-3		 2020-07-09 -
2021-07-09		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
www.sekindo.com
Go Daddy Secure Certificate Authority - G2		 2020-10-27 -
2021-11-28		 a year crt.sh
*.ssl.cf1.rackcdn.com
DigiCert SHA2 Secure Server CA		 2020-04-19 -
2021-07-19		 a year crt.sh
*.emxdgt.com
Amazon		 2020-07-31 -
2021-08-30		 a year crt.sh
*.a-mo.net
R3		 2021-03-12 -
2021-06-10		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2020-02-26 -
2021-05-27		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
*.gstatic.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
aax-eu.amazon-adsystem.com
Amazon		 2020-06-15 -
2021-06-15		 a year crt.sh
*.google.ch
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-12-26 -
2021-06-22		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-05 -
2022-01-18		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2019-06-19 -
2021-08-31		 2 years crt.sh
*.adsrvr.org
Trustwave Organization Validation SHA256 CA, Level 1		 2019-03-07 -
2021-04-19		 2 years crt.sh
*.ads.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-02-28 -
2021-04-13		 a month crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-25 -
2022-03-28		 a year crt.sh
exponential.com
Cloudflare Inc ECC CA-3		 2020-05-22 -
2021-05-22		 a year crt.sh
h2.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-03-11 -
2021-04-20		 a month crt.sh
pixel.advertising.com
DigiCert SHA2 High Assurance Server CA		 2021-03-01 -
2021-08-24		 6 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-24 -
2021-04-20		 6 months crt.sh
*.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.doubleclick.net
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2020-03-02 -
2021-04-01		 a year crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-22 -
2022-03-25		 a year crt.sh
*.innovid.com
RapidSSL RSA CA 2018		 2020-02-07 -
2022-04-07		 2 years crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2021-01-30 -
2021-04-28		 3 months crt.sh
*.smartadserver.com
DigiCert ECC Secure Server CA		 2020-01-30 -
2022-02-03		 2 years crt.sh
*.semasio.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-09 -
2022-04-10		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2020-10-30 -
2021-04-27		 6 months crt.sh
*.simpli.fi
DigiCert SHA2 Secure Server CA		 2019-09-18 -
2021-12-12		 2 years crt.sh
dspcookiematching.dmxleo.com
ZeroSSL RSA Domain Secure Site CA		 2021-02-16 -
2021-05-17		 3 months crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-13 -
2022-01-07		 a year crt.sh

This page contains 55 frames:

Primary Page: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Frame ID: D327D943C51F054F799F39B5DCC299AE
Requests: 103 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.js?nnn=1616191582394
Frame ID: EA0A401D1A85A422E924537D9DFF0ADF
Requests: 2 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Frame ID: BAE211FE17163C1F08C4FD1B0C22AB7D
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 73D7483B49C60A22E9CD57A3400686FA
Requests: 20 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 9C40651EC8F91F5E91678BEB2CBECCF7
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
Frame ID: 9689E0EA6294A3DA8C08B755D7A869B5
Requests: 1 HTTP requests in this frame

Frame: https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
Frame ID: C594D20BA0331B2E671E22C7A145DC77
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Frame ID: 075F08E9276BEFD30C1B7E282947E531
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 311A886E2630049DF8A51C7EF95F78FF
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=rbd_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Frame ID: 3B487480F327C14B7647276203B854D5
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Frame ID: 787EC97EA84EF5722172F2A1E4D69C99
Requests: 12 HTTP requests in this frame

Frame: https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Frame ID: 31C1545F422609AD6EC2A324FD0C947D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Frame ID: 93B49DEC8426585611A005BED70BE33E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 75BBE0EC16AC75022E46D6446F44CF1B
Requests: 23 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtkR56mDinJftvE-FBN-NnrGZJzQ9r9Rm4GgAJfOb1v0e7qUEIXIhks6Rn6kJp8XZ8DCnCyOv7exMEOMA3eIwaM8dQOBZc3Jtnua2Nit5VkWC8XJaNCKW3shKxvYrzi1QYyrkx_lO2f3aIcnTNntZ-NuiQz918cY8TSHMUxtpMV7nBOBsZPbUWM8v2BOA39JcjqXBb8PhH-PsCUH-eHfpEpP4FyNa7D8fSQxLiuUQm3rejZ6p6Ru3D_aaAm7ibFaoNTIR1_9tSANh-YLmKh-umgALvsGCfs-w1d6r8IgwnWrGghziRLV4lrB0I_fF7gkA2Lcg5Sc1MUQ&sai=AMfl-YSfypxQd0TDUdDyG8sgbKJcx0BscwxbDhlq1CPlFjMpn5LSfkV631dU2Bcosb4qnR2IHrTFSeMV3vt26zeAv54ICi6uAnrRyF-i-6c6TTeJOiyvrfi8FGa_yElWMQhz&sig=Cg0ArKJSzF_bCGltGemzEAE&urlfix=1&adurl=
Frame ID: F7089CFB8372BEABC61BEB9B4B48DFB9
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK2YpazChEQ_DESLttPjtjcCGMA8azo5SRyi28Rg06Jk8LVD3aO7qNoEAwfSs0XwPxG9KCSUHmiY28ekZrQa7wge64uCHjTeN_Ksw9OllWEMQt-iz7VYMiuB4wu5UAJgLZv-h7c_8UCpEMWlBof9GVVUyd5PO2Pr61XLZXXXe6Hzb_edQkNHe4tj98C2K73Rm8HV1R5FAWc44hd6TxZWaIE0mQXxxgyhefGYkCIWdFjynAM77LqEXrz-4pXAsdlK3XlR3jnenzanAta1fxZjgkNBRlJkTQvyn-4SyPHvVFf2JWYmCS3drfHHlRZ_NunN6yLaFX5xufgfZ4kRt6beJ5VA&sai=AMfl-YTacDKWq9-6nE4skTwFME7-ZxuVQMtWlqbC_nMJxG_pkDuRKmZNPbi6y07HySh2_aV-ZYGs6VaS_0U8S_wTBnTQExklUhvYxpE7YikU_AhVN-94HJmbrHeBSSxb-F8e&sig=Cg0ArKJSzLMRDyFHUcqAEAE&urlfix=1&adurl=
Frame ID: 9A20A55118CDFA3E28E2A2266F6BD8AB
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Frame ID: 625DCDBB26AEEED92899D0EFA2D79423
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Frame ID: 477ADC329719FFA122CE199BC95BCADE
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUfjr-8qmhJGUNlH3y_gILVj1iXe7RVIIKzzVa3xovDevtKIqHCzW6yC6YJI9t_jX6y62JMSuM_d9trDNxWQ4K4e5noAdqnB2__SR5QOL0Ol186Tqb5nVovwBlzDi-mfpJ_VWAYq9oZAXgl_FdLeM3IMD_KMn50AfE_VxHiQkZTnmS1VXGlzif25dx4UvYIVLNCwyP8WHs9KdxapB7aKOBoeaDBMpNmj08w2oetnpHTVTBklkmsOpzSbkLAf6a3wo9FkCby8T9fxYHOZDHiHoQ9Z2e83zXfdmnaDe4pScbAH5GC6lFHdrVmTcnkeytusjn031N5sEs9XnVspuaoml-V8g0R4bwqg&sai=AMfl-YR5o7bbqFGrhjuoM6GhvW8ijaCviJ7K5bAkSbXNJHYT5t_agwYrFvD5YJTDs0cywsKbapnsp1O5vBnjdDOFh9uFphlEmcRzJSXR7t1j_eUfrMw9VI5P_g9_W_53X2_p&sig=Cg0ArKJSzKAF-e7xn2KREAE&urlfix=1&adurl=
Frame ID: 21188E20F86FB69CD8DD950F6062121B
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoUFqExODeq8Wgn0okqRvDJC4sslLuSnXREsQKHp85yDO2bQZ9_wp3NLPm3NBCPeQ8Fq3OvyWHvnzdqtvlmum8nzKosuH2OPk5uyA5kicu3Ed9vS2x17iQ6LyYKy8MRcsMA4Mr7T09wNf1nEfD3vlFqzwpDP64V0o6yBUt5bqNqkyNEGTDfaGE0MZwvn_ESX0yOQi-GVza9GUsCGz8HfhOAPewwB9o1fVaD1z5E75Te5pETJyZynmNvtGta0t3Yowvtg2CanyUuJtRMd-zOFSddzTNR4MpwDLrGnxENvE49ojRSDL2nYZItSt1MHHBfM-BKr6dzYx9srT1gZfXXw&sai=AMfl-YQJoypE8JYrEkIVYAE3YkGl_PsShmHMVbBqvQ6pUNpt_rRZ1f_0wGi2morci8zckUGgWAVvJSmCJ8EpG72Rah60ggWgKIU2bQJhL_uppfggDh28Vr2mDuY6fnVIdEg&sig=Cg0ArKJSzDjbz8aEX1NLEAE&urlfix=1&adurl=
Frame ID: B5D1C5D9BFA50285725C1D67C8A8E57D
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Frame ID: A99B70680C0DEFD70FD0BA976BA304FE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Frame ID: 8A6C9E0EF11FFD56BBFF116EF8BA6EB6
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 8E26EC9F5BC1B521B43F3BA1BF0C65F2
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 08FA9E66643320BE7A0AF822401A433D
Requests: 2 HTTP requests in this frame

Frame: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: B2F117996E5CE3F57CDEAB051FD56555
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Frame ID: D99E4CDFE556D68965800AF12E215FCA
Requests: 10 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: E61E656504536B12346538FA58D4E559
Requests: 25 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
Frame ID: B8C58C7469EB30F40E5C1B053EE6FA5B
Requests: 4 HTTP requests in this frame

Frame: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: F8AE72D630E499F7035EA5F3F1607C53
Requests: 10 HTTP requests in this frame

Frame: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: 3EC907DD48C002F2B9C43B0052968095
Requests: 13 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 713935B74F32E466BBC126FF3B6B10B4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3D84998373A0F4A27D1640A73EFA2507
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 1863C9561C01D379A265B4F13FEE3E3E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=7494819475&adk=4001829064&adf=776186316&pi=t.ma~as.7494819475&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2F&ea=0&flash=0&wgl=1&dt=1616191588413&bpp=3&bdt=194&idt=123&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5405335395555&frm=24&ife=3&pv=2&ga_vid=1896391357.1616191589&ga_sid=1616191589&ga_hid=190411898&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3941273990&scr_x=-12245933&scr_y=-12245933&eid=31060287%2C44739387&oid=3&pvsid=1421703291686607&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=1.344kf6xhzfdo&fsb=1&dtd=137
Frame ID: B46E0D902F9B69337252F32B7AE3065B
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 35B38228125772954A52B3D65F002D79
Requests: 9 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbyYdfrTmfw4snY0FvZbT6Tw4A3hQmBB4WYy1tnDnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP2betVabtVEYjSTJKQVjCQUAvRW79Wsr25FPqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXEnn4Efc5E7XmaMHXUJaWt7TomrZbpsQwmHfJ5EZbg0WiFNivxas&mediaDataID=7665496&mediaName=frame.html
Frame ID: 96454AE24A8BD0863EB02C7C22440D3E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbk4EUYnTFB1r7hTtrSmPQBnVnvpWUC5EY82WAM5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcVAU1QTj5QsnsSt3wYtFuWA3p2cB0XbMLUPPr2PQePPMA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM05bEuWajoTTMlPqZbZcRVjZdQUupRt79VsvR2rytoWep0EXp4dbZdSGrHYPUywWr4wr&mediaDataID=6807466&mediaName=frame.html
Frame ID: B4D5349120F56A415FCDB87F8FFEC895
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaOXaum3tYESG7Zd5PvEotXmUdfcXUvc1UZb7XqitRbJEWFJYVdYWnrbqQFMmYTvs3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQZcVAms26QaRPZbK4WZbOXWBLsHAJuhWfuJ&mediaDataID=6546596&mediaName=frame.html
Frame ID: 12797575F73DE00B1639DFBCA803F7C9
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=ammTR82avYoTbCYbJgTtfQoA3CncnrotQJ3T382dZar3AjFmUUHXVfVXVM10sfvpTj25F3VVFnHUPf4PTrQPcvoPd3x1dFnT6jy4sMUYrrDT6ir46nhQPfF4WQO0dBKnHPu36Y03cM7VcUjVsjeRAvvWdQQWbf03bZaoVqjpTTQlQEBZcQVbCQUZawRtv6VsbU4r6qnHeo0EqO4WvDSsFZa2mJHmdXtStZbPxQv3LB&mediaDataID=6680176&mediaName=frame.html
Frame ID: C29640EA8ECBFB12C57E15948B848518
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdQVbZd56rZamdZaOUt7eXrf8Xb7k0TaqPb3ZdWFYYVtJ4obYnPFbNXEnp4E3g4q30oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQbRP7G4dQpXdnApd2o36BRXVnQMwmBGb&mediaDataID=5436426&mediaName=frame.html
Frame ID: 0481308D4D98002A3BECDA0B7112964E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aomTR8T6Mu4sY20F3ZdT6Xp2PB8QABA3drO0HQDmt6v36U04V3fTsJ7VVFlR6UwWdQ5Wbb03b2nUabpVEYlPTrKRGYZaPbEsPHf9UVY55bXxmtqmXqqy3WnASGfZa4AJZboHTsVWJe0rvb1UF91qatRrrGWUU5Td33mrBnQUrq1E3y5EUl2aURoa7A1bjaTdMRmmfZcmcMtmtrF5qQj5HAN3AvGprbZd5cr7qvEEXG&mediaDataID=8039566&mediaName=frame.html
Frame ID: 34447AADB748ECE344F6C605DCD93373
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er73d6M4PFZbprnHYcYYYsF01sBynafW5UQ4TUfEWA73RTj1Qs3MPt7w0dnsVmYM4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTqN4WvDSsfA2AvHmdXyVWQ65FrUNDGvdB&mediaDataID=4056396&mediaName=frame.html
Frame ID: 903CCCE41CD9D98D7E5B01088C3DD91F
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=aqmTR8PHvdUVMU4bTvnHys0quu3WQDSsZbZa46YEptatVWFeYFYjYFYl1TZamRUYEWUUQTdQ3mrQoRFMqYTUy4T7h5qf2mEBF1r3cWHBXn6QBnV7poHMA3TYk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp2Vn5XUMLUPim46ZbdQA7H4dQpXd3ZapWio36BY3sj7SGUVxZdZa7Bp&mediaDataID=2713736&mediaName=frame.html
Frame ID: 7B9D625F65E929494B8AC128C8F0242E
Requests: 2 HTTP requests in this frame

Frame: https://s.tribalfusion.com/p.media?clickID=armTR84sY40UULUPqr2AY7R6rD3dMt1WvAntZan4mMR3svfUGvkWsMkS6MOUWUTWrfR5rEoWqjmTEBbQEQFRVbZbQbmtRW36UVjP2F2xnHZaOXaey3WfGQcvD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJI1bZbcWtnQn6fLns7rpdrE5qQj5Hio3mJGprbE0GfQ4GYjrMIHmg&mediaDataID=9148826&mediaName=frame.html
Frame ID: 7FFC9B03A7F8B199058014192AC17100
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Frame ID: 0D824B4CE7B6DFB2137CEFE5B4844CF9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: C5A914E3E8916D00D38AF468A191566C
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=50&slotname=1473676963&adk=4238659372&adf=406754587&pi=t.ma~as.1473676963&w=320&psa=0&format=320x50&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191588809&bpp=34&bdt=1534&idt=190&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D421fbb2dfabfb201-2217660bd5ba002d%3AT%3D1616191585%3AS%3DALNI_MZcKTASn5Za2QJnnAf9AnDoir_CJQ&correlator=6820821975866&rume=1&frm=23&ife=4&pv=1&ga_vid=1749031965.1616191589&ga_sid=1616191589&ga_hid=1995671848&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=836652087&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44739387%2C21066613%2C21066614&oid=3&pvsid=2504569723169334&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yzqu1oxgvx10&fsb=1&dtd=197
Frame ID: 53821171261010FE71B146D61D8721BB
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8470772502363522023
Frame ID: B95EDADDF820DC67F9313B387D773D35
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: EC4D6AB43726BC9A6544837BCCF155A6
Requests: 1 HTTP requests in this frame

Frame: https://rtb-csync.smartadserver.com/redir
Frame ID: CA80E9566204B33D0D7A03D877F0B30E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941490031714564249
Frame ID: 7FEF7D8C4DB9A25226304F904751B076
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/ecm3?id=81219A30-5BB3-4F24-BC35-55283A34ABDA&ex=pubmatic.com
Frame ID: 9FC51DF8574ACDD01917C315C8230E76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: E7C75A043D807D1D5A4B25DFF5DA463A
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: FFD966DCDE15D10FDD7AAC5A0A6E32DF
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 6FC107C746674DB26B1A7D62EF90A03E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Page Statistics

410
Requests

100 %
HTTPS

38 %
IPv6

64
Domains

98
Subdomains

71
IPs

9
Countries

6614 kB
Transfer

12486 kB
Size

20
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 79
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=58b5608c-88ff-11eb-82dc-14f0ef8b1c06 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
Request Chain 80
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D98%26advUuid%3D HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
Request Chain 100
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=93&advUuid=88abac60-0a7a-486b-96f7-dd9229c91345
Request Chain 101
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D99%26advUuid%3D&C=1 HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=99&advUuid=YFUgYiFSqIa9Ji5DHiuxSAAABL0AAAIB
Request Chain 102
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D60552060a6703%2526pixel%253D%2526advId%253D105%2526advUuid%253D%2524UID HTTP 302
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=105&advUuid=8478434149538680619
Request Chain 121
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Request Chain 144
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMGUQOT2-2-A07D&ex=d-rubiconproject.com&status=ok
Request Chain 145
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ&google_tc=
Request Chain 146
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=68d56055-2061-4900-84ba-77f03296379b
Request Chain 147
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFUgYgAAAIxC1SrK HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFUgYgAAAIxC1SrK&_test=YFUgYgAAAIxC1SrK
Request Chain 149
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMGUQOT2-2-A07D&sigv=1&esig=2~1fad0f8da37ebed9749e4bd6963c93fe34e4730f
Request Chain 150
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGLceWtXzM6Yu6Jsf_LOv5k&google_cver=1
Request Chain 151
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE&google_tc=
Request Chain 160
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://pixel.advertising.com/ups/55953/sync?uid=660ee4c4-75a3-4143-9af3-35aa638684a1&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=660ee4c4-75a3-4143-9af3-35aa638684a1
Request Chain 161
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP59aab64b-88ff-11eb-862c-06369295f146 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1OWFhYjY0Yi04OGZmLTExZWItODYyYy0wNjM2OTI5NWYxNDY%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1&apid=UP59aab64b-88ff-11eb-862c-06369295f146
Request Chain 200
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si
Request Chain 280
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1&C=1
Request Chain 281
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFUgZCFSqIa9Ji5DHiuxggAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1
Request Chain 284
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID HTTP 307
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true HTTP 307
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=sovrn&uid=4beddc84a65b6e28533db5d2
Request Chain 285
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dindex_rtb%26uid%3D HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1 HTTP 302
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=index_rtb&uid=YFUgZCFSqIa9Ji5DHiuxhAAA%261171
Request Chain 286
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID HTTP 302
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=pubmatic&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA
Request Chain 287
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D7bb8c29e-8c89-40e3-8c75-745c86f3d356%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID HTTP 302
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=appnexus&uid=3127976995046796571
Request Chain 339
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIyjXgbzsGZHMOJjBc3YVP8&google_cver=1&google_push=AQvitUIUmFtBOAfEHgPXrkFXLU7nT73Mei8eSKbbyBJ5AEaleu2z9iyoYd2nS8vOrf_6LfFGPfD7jPSTM_aR3aCwng6SGm0DESnkcg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VJeWpYZ2J6c0daSE1PSmpCYzNZVlA4
Request Chain 340
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A&google_gid=CAESEOWgyQLeNfdy6uhuxBKqExE&google_cver=1 HTTP 302
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A&google_gid=CAESEOWgyQLeNfdy6uhuxBKqExE&google_cver=1&rd=Y HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A&google_tc=
Request Chain 342
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESELuVPvR5GFSxxfHA121tSNM&google_cver=1&google_push=AQvitUIMgfRGQh1EeEKDE4hkzhUIVAda_3bJIAWkk-33Kkug7ClizspBkjmlu40DUZfZFDYOl3W88EMLFFDOPIyfzfwQUzZe5dD5XQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMgfRGQh1EeEKDE4hkzhUIVAda_3bJIAWkk-33Kkug7ClizspBkjmlu40DUZfZFDYOl3W88EMLFFDOPIyfzfwQUzZe5dD5XQ
Request Chain 343
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_StH2kqKvYQTuPHi43fmk&google_cver=1&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzMxxzvuFUhm90cxCj8oecoxEKbRPA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFSM04tVi0yQ0lS&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzMxxzvuFUhm90cxCj8oecoxEKbRPA
Request Chain 358
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8470772502363522023
Request Chain 360
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHR2prN0Fxa0VBQUJJV1F6TklNQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir
Request Chain 361
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941490031714564249
Request Chain 363
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 366
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=81219A30-5BB3-4F24-BC35-55283A34ABDA&addseg=31
Request Chain 367
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=88dee563-8bf1-42ea-b937-d2c41c2c14dd
Request Chain 368
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=557150446999398645
Request Chain 369
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMWZ7hjsbc6Y5hPDmqbyYms&google_cver=1
Request Chain 370
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46816055-2066-4100-a82a-a4a0b1d39bfa&gdpr=0&gdpr_consent=
Request Chain 371
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3127976995046796571&gdpr=0&gdpr_consent=
Request Chain 372
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=08ebade7-96b4-4d68-a8d1-4f0e15257c5f&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3a1162b-2e29-4341-84f9-dd4918d40629&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 374
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GqxxfIBE2uVJP7dnvxe_Wi_VkRJfaL0-~A&gdpr=0&gdpr_consent=
Request Chain 375
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie
Request Chain 376
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YFUgZwAAAGV9fyrK HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFUgZwAAAGV9fyrK&gdpr=0&gdpr_consent=&_test=YFUgZwAAAGV9fyrK
Request Chain 377
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2594586110779443962&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 378
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:20737ce4-0bb3-42d8-8739-59004e3237f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 379
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348&gdpr=0&gdpr_consent=
Request Chain 382
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3127976995046796571
Request Chain 383
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209258333470 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b23&u=266530603730003112570
Request Chain 384
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662209258333470&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209258333470
Request Chain 385
  • https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209258333470&redirectId=1001 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b21&u=aff01178a87149a57df8916f3ea1374a
Request Chain 386
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662209258333470&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209258333470
Request Chain 388
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D537141727%2526val%253D%2524TF_USER_ID_ENC%2524%26u%3D HTTP 302
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3
Request Chain 389
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662209258333470&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209258333470&expires=180
Request Chain 390
  • https://tags.bluekai.com/site/4229?id=18072662209258333470&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID HTTP 302
  • https://a.tribalfusion.com/i.match?p=b3&u=xQ261Q9999e%2B1aPQ
Request Chain 391
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209258333470 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0
Request Chain 395
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209258333470&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209258333470&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=5c3ec45b-88ff-11eb-b92c-1f932c7f4206 HTTP 302
  • https://a.tribalfusion.com/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206 HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206

410 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
appleinsider.com/articles/21/02/26/ 		103 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/7.2.30
Resource Hash
a3023508b88d3a78447bfbc530364b51d090ec6c9dec0577fe3e5792a9446c0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
appleinsider.com
:scheme
https
:path
/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddbed568d49f013a51667190dceeff7eb1616191580; expires=Sun, 18-Apr-21 22:06:20 GMT; path=/; domain=.appleinsider.com; HttpOnly; SameSite=Lax XSRF-TOKEN=eyJpdiI6IkN1S3J5enRLM1M4TjVWRTRSWCtCUUE9PSIsInZhbHVlIjoiSkNUbUxPNFdEM05iSnY4Q1NSRWVUaWVMQ3R3aVwvOFlVajIrT1ZwRkl0M2hVMGJvNFo0WTZWQTRLQ3gyRTg5XC9OIiwibWFjIjoiYTc5ODc0MzY1OTEyZjY1MTRjNzBlMmIxMjUxZmIxZWUxYTc0YzMwZmQzMzBmMWNlZjlmNDY0MWFjMjM0MTQ2YSJ9; expires=Sat, 20-Mar-2021 00:06:21 GMT; Max-Age=7200; path=/ appleinsider_session=eyJpdiI6IklqXC9KK2NyNHFuU3U0cklXVmVkam5RPT0iLCJ2YWx1ZSI6IkRUb3V1TjlvVWo4bTFPbDNEYTUwSzdpWDdPRGs4ZFdHTWpBUUhpMGNmQVwvQXk0UGxvMWhWYjRLVForbFhVVWNFIiwibWFjIjoiNTIxNzg0OWY1MjUzYmJhYmJkMzM2NWQ3ZDk1MWI2OGJjMjllMzc5MThhMzBlZTQ4YTMxZThmNmZmM2QxNzFlNCJ9; expires=Sat, 20-Mar-2021 00:06:21 GMT; Max-Age=7200; path=/; httponly
x-powered-by
PHP/7.2.30
cache-control
no-cache, private
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
cf-cache-status
DYNAMIC
cf-request-id
08ee1f81f000002c2a85986000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gL5S1R%2F5kfX7JxE8G9ngxQYuhsyjYlMLwzc62rDOzJS9ctYlyhAgr%2FqF0vCz729R0g2n6EBYM5i%2BXA%2Bif4Z98tdlAhDm38YozWSPnJCi%2BQUTZvL%2Fjk1LjG92WcL5"}]}
nel
{"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
632a01e31bd72c2a-FRA
content-encoding
br
Inter-Regular.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		96 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Regular.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3787e2f283651744e0b93d1fefb5936c7af26db8014c0def6651d050c56dd47e

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
481381
content-length
98804
cf-request-id
08ee1f83fa00004dd0631b1000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
"604ae773-181f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NAflcWgQWkflfgjlfuFVG%2Bw67rmGhNM8K%2FqUtz5qOMZh2djEBNIQKo7ttoAtMiKY68KKEev%2BURQKRaxkuBL7YMZzruBU4%2FYGIP1B%2FPVh4RreXzA8%2Bw9VFP9Ay33LOykxSMkyfgA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b764dd0-FRA
expires
Sun, 21 Mar 2021 08:23:20 GMT
Inter-Black.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		100 KB
101 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Black.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9af11e9250e89490528ec7ebd34b5b3f9aabb217409251700349924b446d426f

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
136186
content-length
102832
cf-request-id
08ee1f83fb00004dd07c9a5000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-191b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=zxuqXjZ%2BGEMcNr4oD3esCOrniqKWw94fQ0XJXx45uM%2BLTih3OLPu8aHhnQEFzNZXD1kGZhC0%2FF0nUfs01MkNxy%2B2iABzWhxL8FfuwRxoeetOb4%2FoaqcIhfa3JUqJwS%2FKhciYjck%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b784dd0-FRA
expires
Thu, 25 Mar 2021 08:16:35 GMT
Inter-Bold.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Bold.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ca1e762fafb354a5eb894c613b964f135a23fffec363e43386f07dc457ed5e

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
136620
content-length
106052
cf-request-id
08ee1f83fb00004dd07e86d000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-19e44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VWox7pkT%2BCWXBh%2Fo5ziDF1MHJ%2BF1NfKuV50NukwFEMeIhFaugoqzxaddAz2M9h%2Bt%2BQw0LtY8xw3mo5WVcOb5Yw5CtQ1X9bnoth9ZfpI%2FRpnSH%2FtByDQ3ELmzcC%2ByU85EREVQLWI%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b794dd0-FRA
expires
Thu, 25 Mar 2021 08:09:21 GMT
Inter-ExtraBold.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-ExtraBold.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd43194795f55e3d871219c1a4059746526a815273a0804dbdb06b62ef4a3de5

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
209650
content-length
106048
cf-request-id
08ee1f83fb00004dd04f0d9000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-19e40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=q%2F%2BElvxvoMSdlIgj92Z4qr3T4G7n7O90S9V7d0n2Td7p6hPOWx7OhOphWJ7Nr0DMx4U4MM00RAL4E1zW8%2BHQXil9nCyz12kbsz4nWElrDLhX03NVhIjJjKOThDymuw%2Bd6944xj4%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b7a4dd0-FRA
expires
Wed, 24 Mar 2021 11:52:11 GMT
glyphicons-halflings-regular.woff2
photos5.appleinsider.com/v10/fonts/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/glyphicons-halflings-regular.woff2
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
222927
content-length
18028
cf-request-id
08ee1f83fb00004dd0a399f000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-466c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3ef2wFmlHua87acg%2FjO0sP9%2BdXcyuJHtAKWvIXkZVp68bnIp2Q53rI6GIoipdx898y4aPJ04SM6x4o%2FNY8SstsFb%2B92S5NWB7CKAwdm4BQqAL8u4wqdDbi7wLefmIT99V2M7r1o%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b7b4dd0-FRA
expires
Wed, 24 Mar 2021 08:10:54 GMT
Inter-Italic.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		104 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Italic.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33f27c7731513756192c4608d743e9af6697383a1c1ab9a7c3a55d327397412f

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
302387
content-length
106604
cf-request-id
08ee1f83fb00004dd0ac2a2000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-1a06c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=darPIJYPAvY4%2F93SLyNnrs3rjS6QitNtmMivRPm0wmU0xKKZFbKGM9%2BsmIIWCsGwlKtd%2B%2Bl0ZmBtqXnntzSoycenf0KRG4FeuFbo2KyVJL6g16aE76Tf%2FdC5WCjp4Z%2FeuI7MqHM%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b7d4dd0-FRA
expires
Tue, 23 Mar 2021 10:06:34 GMT
Inter-ExtraLightItalic.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		108 KB
109 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-ExtraLightItalic.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
765c7a04d561aae76c8dba4449ab5cd34136afda5749d06db3279779ad3f4059

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
392606
content-length
110820
cf-request-id
08ee1f83fc00004dd0a72c4000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
"604ae773-1b0e4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Vr%2FbjZzoHKLtf%2FSWgIwv6OBA11l0YcNhCdUxNb9C4xOpYd%2By%2Fref4DUzCW76XXuCVX%2BuODVTVx1iBzRGnMmXkk3Q0Xh%2Bh5QjBMgjkunaJvE3H97jB03wJUeQBFHJ02NpnORCdwc%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b7f4dd0-FRA
expires
Mon, 22 Mar 2021 09:02:55 GMT
Inter-Medium.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		103 KB
103 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Medium.woff2?v=3.15
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cae7b340613b2a060e0e200528f7e962baa13a44d868036cb2ea02fd7034e6d6

Request headers

Origin
https://appleinsider.com
Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
303487
content-length
105500
cf-request-id
08ee1f83fc00004dd03e108000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-19c1c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xyf0mwnxE4AZwj0aOznFbN4XtEM2DAerNbVHMj2GGSyc39yXczS8fvHab2EkRfbuaoiSKJv9ih3IE1UKo0JOS3kK4nvvxX0uFbkBhu3bMG8OsTetrSIDpFMlLLycCV7m1e058zA%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01e65b7e4dd0-FRA
expires
Tue, 23 Mar 2021 09:48:14 GMT
vendor.css
photos5.appleinsider.com/v10/css/ 		125 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/css/vendor.css?id=840f06eb8f7a660891cb
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15093aaa254c019f5aefbdc893bdadc642353383ca96faff9fb2cf8b5a2d19da

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
221334
cf-request-id
08ee1f83ea00002c2a568ed000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
W/"604f7876-1f5c9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QBPZiDLHpvIu55zECmyg%2FfPrW926AqNPt8MrqgUzru2ziI3qA%2BNSH9Nlh85PmI%2F4hxvqby9uNPcrBAzVj3BAUl78CCZSvfKTvPsaYirKEeYTE5znimFeklOGzNH80e60Mn0BFN0%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e64f282c2a-FRA
expires
Wed, 24 Mar 2021 08:37:27 GMT
app.css
photos5.appleinsider.com/v10/css/ 		57 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d8b9a9fe89f8131a3d5eb0b75ed5a577b849110708e05bf0f8106a56f5bd741

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
144731
cf-request-id
08ee1f83ea00002c2a1f19d000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
W/"6052eab0-e366"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MZIhe02D0rREVl6DINrBKK3XC%2Fbte8mhRTMclII4rUH0%2FsaAIAlodvMi7BxGBpOX1OuR7D7yP742Y0FDLE%2F3XxVpO0%2FZWOQ2KKm531ytbBvtbiopsYv0rtW01urKHp5SZRZTvGQ%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e64f292c2a-FRA
expires
Thu, 25 Mar 2021 05:54:10 GMT
pg_vendors.min.css
photos5.appleinsider.com/v9/css/ 		6 KB
1012 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v9/css/pg_vendors.min.css?1.3
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
875b95ebe5108bd2cd6a65e4b7634ea2349d423188716a9169a4c75a6d6f18e4

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
257806
cf-request-id
08ee1f83ea00002c2a46395000000001
last-modified
Thu, 25 Feb 2021 18:15:04 GMT
server
cloudflare
etag
W/"6037e928-16b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Hhsq03805LEq3dDeM7gm2TXBb7PqR2QAsr1Pg%2FAPJqd6PyV0Ij25tGnxX9KDZsI9EQeuBBi4j0KwWmByn28eJ%2B5FOgckoI8ZvjABqaf%2BYjycEhKA5c9Iycwk6c1ly6r5ITybf%2BA%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e64f2a2c2a-FRA
expires
Tue, 23 Mar 2021 22:29:35 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		58 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"817 / 738 of 1000 / last-modified: 1616152376"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19833
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:22 GMT
77432379-1625.js
biddr.brealtime.com/ 		220 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/77432379-1625.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb8e0bbc156073718ecca75b1b84ac2d2fa70f7035e31d87eb99ee2e760e79ec

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:22 GMT
Content-Encoding
gzip
CF-Cache-Status
HIT
Age
892
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-request-id
0B4F752E9FE67D5E
x-amz-id-2
F0P5VvhgLHIWnE7FRUQlJHcCs+VuBu3VV/Ym00Czz+Vfxx1cLf1bXk3+WhZA9kFZkzzC5ubSJ2c=
Last-Modified
Thu, 17 Dec 2020 15:36:42 GMT
Server
cloudflare
ETag
W/"521fa3dc14536bd52f80aa2e3b9e5c71"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
public, max-age=60
cf-request-id
08ee1f88370000cc4ee1287000000001
CF-RAY
632a01ed2812cc4e-ZRH
Expires
Fri, 19 Mar 2021 22:07:22 GMT
vendor.js
photos5.appleinsider.com/v10/js/ 		212 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/js/vendor.js?id=ddced4f72e510beb40d2
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0d00bf52fe78da5f3063118cb3cf355785cdb37f78f75c07cd590a9bc20934

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
95398
cf-request-id
08ee1f849900002c2a7c1a9000000001
last-modified
Thu, 18 Mar 2021 18:06:30 GMT
server
cloudflare
etag
W/"605396a6-34f4e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bu7kSG%2B8K3t1pYYP1zsZZqUbcNTIN%2BbPZmwfCctMj8V26zqw1nEc6hC1kE3QewnqBk7ehNPR2rxj0CdzKnnRtVgTwGTryBzbnP%2Bb2I9y7wlUEOgBxj3kEoEFdBSn6WcZSB2djwI%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e758442c2a-FRA
expires
Thu, 25 Mar 2021 19:36:23 GMT
app.js
photos5.appleinsider.com/v10/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/js/app.js?id=530255261457bde9ca6e
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a802db4ddb49c167fccfb0314a37d3a645d2741bd4c25371f5bce66dadb3db31

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
145984
cf-request-id
08ee1f849900002c2a15207000000001
last-modified
Thu, 18 Mar 2021 05:32:04 GMT
server
cloudflare
etag
W/"6052e5d4-158b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ugCOm%2Be66tQ9Pwi14hjm1FtUcvpi%2BD%2BMAspRjd8XNwK9jey1ZGsOhSaU%2FJvRBqVDvodiZ0Fyz1Zef1d4R5POvZUqX0w1iLKTVqk8W0eqUL0kVUVPlMgYFv%2Fj2LMJz%2FXT0B8PQV4%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e758452c2a-FRA
expires
Thu, 25 Mar 2021 05:33:17 GMT
article.js
photos5.appleinsider.com/v10/js/ 		1 KB
821 B 		Script
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/js/article.js?id=73a35a5866bc3b439848
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14d2d52dd8df09e70e35011b01d91866465f6e85ae1e2e987e35e9f32546dcca

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
489624
cf-request-id
08ee1f849900002c2a859a3000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
W/"604ae773-4dc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FtzOipRIhxiYkpa6zBIHDFHfGu%2BY5PXJI3%2B1zVTaFEvwUSEtuMO1y7FikXET%2BnHTkH6LrF3aWRGlh8ErEW7mFy4B16J4SEC%2B4jE23FXYIo9q483QbFve8JvtR9dPyCTwiN%2BaZtA%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e758462c2a-FRA
expires
Sun, 21 Mar 2021 06:05:57 GMT
pg_new.min.js
photos5.appleinsider.com/v9/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v9/js/pg_new.min.js?1.04v
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbdfbf5803af9dbb2c970b18bf01291b038f6549f44bbca7d86e7cae4ee5507

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
483751
cf-request-id
08ee1f849900002c2a252a9000000001
last-modified
Thu, 25 Feb 2021 18:10:27 GMT
server
cloudflare
etag
W/"6037e813-11b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=izRY3Esoa4sq5JSQGWsDR6P9RFojm0M29M3HSKVwW8s1Tvz6zXWl1wuAlO9FPJm3eokG4FJfLBjpemTRaxnkBknUzwl1B7CN5UfGLDzky5iMOD3FpQh1Rqq3Nmqq7mAvjGv6dDM%3D"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01e758482c2a-FRA
expires
Sun, 21 Mar 2021 07:43:50 GMT
check.js
biddr.brealtime.com/ Frame EA0A 		641 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.js?nnn=1616191582394
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/77432379-1625.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:22 GMT
Content-Encoding
gzip
CF-Cache-Status
MISS
x-amz-request-id
VK0PHP20T8SNEP8E
Transfer-Encoding
chunked
Connection
keep-alive
x-amz-id-2
oO7qRh4xjYjiftcGUrj8UKeBnvrgpdOKDSaPBgzAtS50IilUHR0Snj1xBtzAenK5gKtp1l9uvrw=
Last-Modified
Tue, 11 Feb 2020 20:09:04 GMT
Server
cloudflare
ETag
W/"81b479edefd671af66d52c0ad9347d68"
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
public, max-age=60
cf-request-id
08ee1f88d30000cc4ee225f000000001
CF-RAY
632a01ee0a4bcc4e-ZRH
Expires
Fri, 19 Mar 2021 22:07:22 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 21:59:38 GMT
content-encoding
gzip
server
Server
age
403
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
UG9NtcO9Rke6Awmz7__Rr6atwx7VEDOw_mKiR2LVxV_nYfec7WoS-A==
logo-2x.png
photos5.appleinsider.com/v10/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/logo-2x.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73b493c2b38c4c504a07946b51afcb29b5c57e39c07fcedcd9bef5cf036f01da

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
137123
content-length
2092
cf-request-id
08ee1f88c600002c2a6b0ce000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-82c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=vJx%2FSvylWfO18UC53dXYkXfxg1LSefrxrPFdjK%2BcUkpEX6BFWrouJpECOoJLt4igfc9SeSVeEStNtS7RNLLMTURAlwQaPi8U5PBvC1hWObLN3C1YcQVBZqZWkDzsxdh4GEog290%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee0f442c2a-FRA
expires
Thu, 25 Mar 2021 08:00:59 GMT
Inter-SemiBold.woff2
photos5.appleinsider.com/v10/fonts/Inter/ 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-SemiBold.woff2?v=3.15
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/css/vendor.css?id=840f06eb8f7a660891cb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414

Request headers

Origin
https://appleinsider.com
Referer
https://photos5.appleinsider.com/v10/css/vendor.css?id=840f06eb8f7a660891cb
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
457248
content-length
105992
cf-request-id
08ee1f88cb00004dd093295000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
"604ae773-19e08"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VrXw6lOgSNMqfdm2MUlJag0nj7Cb9sTYv%2FcxfvCXxf1wfP1baEPCLS7Bm5lapSmj6cVzfi3shLO5LopyFTt1DM6LgaPT4x%2FhHVgjT%2FhnTeDSXQhEXLX8055x31476H5%2BMVqQwhg%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee1fd34dd0-FRA
expires
Sun, 21 Mar 2021 15:05:34 GMT
william+gallagher.jpg
photos5.appleinsider.com/gallery/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/william+gallagher.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8a618ba4c932510f5eada2df0d46557e914c254380831688bf36f5e43f10f2ab

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
400933
content-length
7738
cf-request-id
08ee1f88e400002c2a62359000000001
last-modified
Wed, 19 Jun 2019 07:11:17 GMT
server
cloudflare
etag
"5d09e015-1e3a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oXnrDSUuYM%2F%2FAP0cGAVKWHEN6g8sodBo77vqDFSPzo0OdbWJ9ZqPI0v8NMG60lHAqvqB%2BVWiTY9GK1MSL0KeRl2HTGn0FqkcQG57Y8mm0eBjSne8azXPhExhD54u6yj00R3FMT4%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 22 Mar 2021 06:44:09 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee3f832c2a-FRA
cf-bgj
h2pri
38939-74372-iPhone-12-mini-in-Right-Hand-xl.jpg
photos5.appleinsider.com/gallery/ 		176 KB
177 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/38939-74372-iPhone-12-mini-in-Right-Hand-xl.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
488c82e054918ebc7cabbde48002abd5ca827a764da1f91204733a2c9a61e12c

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
191701
content-length
180637
cf-request-id
08ee1f88e400002c2a3c9c8000000001
last-modified
Fri, 20 Nov 2020 14:47:44 GMT
server
cloudflare
etag
"5fb7d710-2c19d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Powmrboop3B4iyB%2BkoH%2BawQ3XJD1EJkuFqt2F%2FUrjLq5IeXaZJcB6yGTSRQsYcMx1byWeTGOUqX%2BLBr88CksWB9EAtW%2Fv5plWBttUgNqbkxlxP2f9F5kYOTTWMe90JEyRYsiflg%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Mar 2021 16:51:21 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee3f852c2a-FRA
cf-bgj
h2pri
facebook.png
photos5.appleinsider.com/v10/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/facebook.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac3582c00c3a13a4157cd7a5403f119215308c21266c2b8adad49f1a548ab414

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
130784
content-length
1196
cf-request-id
08ee1f88e400002c2a0c82a000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-4ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LzUuD6bUDz1QNIaGfXhXTgefz%2FVJg0JBNGxIYbB7rHhpUE%2BX23b79ojo4L%2B75Nz%2F1bpaUgzWswlG542am02PDfvY6u3gy8FtrJ0FaTb5LGac0U8poQ%2Blft33DRKoNHxo%2BeoeGFo%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee3f862c2a-FRA
expires
Thu, 25 Mar 2021 09:46:38 GMT
twitter.png
photos5.appleinsider.com/v10/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/twitter.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6321149c49d5453da9ad7651320ea17aa201b2c1a659c9f55f69ea26e3cdb6ef

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
489625
content-length
2353
cf-request-id
08ee1f88e400002c2a27a3e000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
"604ae773-931"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bzudq6Vlae1S1MUHU%2B4sMYIrMfzeyEUygpjFaWxIvD%2FGAEjXdO0FcPTfVrmM7y81YGSawigO%2Fp%2BhBy76ixv1zQ11NL6Xin78zNCwxFJu5SsBK%2F9WZXFNaTAhmf%2B9lW0E1IZsA4E%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee3f872c2a-FRA
expires
Sun, 21 Mar 2021 06:05:57 GMT
reddit.png
photos5.appleinsider.com/v10/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/reddit.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddc2a4f78ecebd49ce5ea49157110f4054215e780baa67c9811074e3f09ab23d

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
136865
content-length
2478
cf-request-id
08ee1f88e400002c2a750f1000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=CnYhBqM3vfz8JgRMv63LFk1tYfXQgUura%2FRxgQw523H%2FjrrzEelOPz7dTWY2iubsX5qcsMycCESiU1P%2FJY%2FNRIcVyY3eS1TRxKtBHerE4r2QNZPs9Fnhe16qEHb2LSxFDg49uTw%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee3f882c2a-FRA
expires
Thu, 25 Mar 2021 08:05:17 GMT
0f6df003b465d6678ebf574dfce4f74d.svg
vanillicon.com/v2/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanillicon.com/v2/0f6df003b465d6678ebf574dfce4f74d.svg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:804f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f571817942f4304a56e8b8b77d38e73f619f50d0709875e03cd076520cec55f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
126199
content-disposition
inline; filename="0f6df003b465d6678ebf574dfce4f74d.svg"
x-generated-by
vanillicon
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-request-id
08ee1f890000004ddcad363000000001
cf-ray
632a01ee6aa54ddc-FRA
expires
Fri, 18 Mar 2022 11:03:03 GMT
0bcb853770960f3d571bd6310d42f8ba.svg
vanillicon.com/v2/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanillicon.com/v2/0bcb853770960f3d571bd6310d42f8ba.svg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:804f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
65e1a28296d03f9a90d276fb38f293db5401bb2960c5ed583aba405563a3353f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
602211
content-disposition
inline; filename="0bcb853770960f3d571bd6310d42f8ba.svg"
x-generated-by
vanillicon
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-request-id
08ee1f890200004ddc7e93a000000001
cf-ray
632a01ee6aa84ddc-FRA
expires
Sat, 12 Mar 2022 22:49:31 GMT
7afe4f5247270715f1c659f02efb8856.svg
vanillicon.com/v2/ 		2 KB
996 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanillicon.com/v2/7afe4f5247270715f1c659f02efb8856.svg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:804f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bc74e6e7162be3b24e66a45c1b8394dca58ffa02cda223dc7a47f95357c829a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
38132
content-disposition
inline; filename="7afe4f5247270715f1c659f02efb8856.svg"
x-generated-by
vanillicon
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-request-id
08ee1f890000004ddc6e23b000000001
cf-ray
632a01ee6aa94ddc-FRA
expires
Sat, 19 Mar 2022 11:30:50 GMT
28b68aebb613718ebede0b29a010916b.svg
vanillicon.com/v2/ 		2 KB
839 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanillicon.com/v2/28b68aebb613718ebede0b29a010916b.svg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:804f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef81a01b04a5daa160e0d3a765e5d78d21b112290534b76b0c4ab0fc25ecdc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
x-generated-by
vanillicon
cache-control
public
content-disposition
inline; filename="28b68aebb613718ebede0b29a010916b.svg"
cf-ray
632a01ee6aaa4ddc-FRA
cf-request-id
08ee1f890100004ddc6b133000000001
expires
Sat, 19 Mar 2022 22:06:22 GMT
2887aca43e708d2b5e1b2f64c2ad91ee.svg
vanillicon.com/v2/ 		2 KB
985 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vanillicon.com/v2/2887aca43e708d2b5e1b2f64c2ad91ee.svg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:7::a29f:804f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08dd0433dcfd7d8a38f55bf918be2132c881de283c98b4b3c09bf32da9ebb40e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
30844
content-disposition
inline; filename="2887aca43e708d2b5e1b2f64c2ad91ee.svg"
x-generated-by
vanillicon
last-modified
Sat, 01 Jan 2011 00:00:00 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
public
cf-request-id
08ee1f890100004ddc7684c000000001
cf-ray
632a01ee6aab4ddc-FRA
expires
Sat, 19 Mar 2022 13:32:18 GMT
pubads_impl_2021031601.js
securepubads.g.doubleclick.net/gpt/ 		285 KB
100 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
sffe /
Resource Hash
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 16 Mar 2021 08:39:28 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
102421
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:22 GMT
embed.js
forums.appleinsider.com//js/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.appleinsider.com//js/embed.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd872851125ba6270e1b3245a3af9817eb638999f3b64345974f150596dca268

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2017 17:29:29 GMT
server
cloudflare
age
1081
etag
W/"3501-54702b105b040-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=R8nc7YMyyUonbRcSiS4A5uY%2BhMWl9CLSJKmQYa1gLR%2B1mSZ2bG%2FLQDMwxSGtNWj63D0Meh2k3egi%2Fs33E89uTyE8jVgUNb1VMN9r53bizGuu6qwlGS4SDT5bin1T14VUcCV67g%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=18000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
632a01ee5fa92c2a-FRA
cf-request-id
08ee1f88f600002c2a44b37000000001
40924-79127-39688-76174-210107-iOS-xl-m.jpg
photos5.appleinsider.com/gallery/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/40924-79127-39688-76174-210107-iOS-xl-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25b4e8175ad31491c6935d4581f1b529280bae31b512d56c51be98bc853d6763

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
1874
content-length
17580
cf-request-id
08ee1f88f300002c2a6b0d0000000001
last-modified
Fri, 19 Mar 2021 21:15:15 GMT
server
cloudflare
etag
"60551463-44ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YG7XAAFBM1mHS37u3%2Bp9NHAIFgXtaIAhwMKWA6YOg3eIEgiJjYFRDvKpUlEVEq%2BkIvYj6kzDjgpsf9SKAJd6JAfbpTYgOAejORuxmVazdXZZvga222eYbIOsads7DvhvYZ0SVbQ%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 26 Mar 2021 21:35:07 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee5fa02c2a-FRA
cf-bgj
h2pri
40918-79119-March-Madness-2021-m.jpg
photos5.appleinsider.com/gallery/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/40918-79119-March-Madness-2021-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c906f952ff36925693d427252714fde102f7f663f21d97d83b62f250f8d6156d

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
18217
content-length
23882
cf-request-id
08ee1f88f300002c2a1523b000000001
last-modified
Fri, 19 Mar 2021 16:50:49 GMT
server
cloudflare
etag
"6054d669-5d4a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XORPnZZCm6JBwnKkwkVMxoHjToOE5S%2BsI2H1a7D4ffNfi%2F6DP6JVZ6wu0EYZeageXqat%2FWy0x40%2Fatghlg7e9WR0GryGmI91v8HuULOPvw5fuS3zFwBtLJBk8tM7ZwgnC1AHQgM%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 26 Mar 2021 17:02:45 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee5fa22c2a-FRA
cf-bgj
h2pri
40896-79056-40063-77044-000-lead-Touch-ID-xl-m.jpg
photos5.appleinsider.com/gallery/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/40896-79056-40063-77044-000-lead-Touch-ID-xl-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8370fc202af542c0ecc594e4da76c3c603857fc1c6ee98fbcae83b370c4727e7

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
113999
content-length
15127
cf-request-id
08ee1f88f300002c2a67a3f000000001
last-modified
Thu, 18 Mar 2021 14:08:57 GMT
server
cloudflare
etag
"60535ef9-3b17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KllN8sKv3kf9B4UQpJ8%2BenefyUnSI65LH7cW8CMhCK5VhNK6bDr2CktvCLFrRLHetutV1TYau7ncLrTtjJlWIzwLRqRr2HQJJdTW7IPpg6ZZhdklXfmyNXOWhOsm3YlR1m6Kr%2Fs%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 25 Mar 2021 14:26:23 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee5fa42c2a-FRA
cf-bgj
h2pri
apple-airpods-pro.png
photos5.appleinsider.com/price_guide/featured-deal/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/price_guide/featured-deal/apple-airpods-pro.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3d2a5e0adda124add8f8d7d4b040b2413a75e0fcd47f29482db86a0b87c6f5e

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
136770
content-length
156324
cf-request-id
08ee1f890000002c2a19068000000001
last-modified
Sat, 25 Apr 2020 20:59:05 GMT
server
cloudflare
etag
"5ea4a499-262a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=xID53hLOZuXEuTGWsStUTXaQfGb64PEZIsqKBClzFGWO6a%2Bz4ftGlwHMlIUlJDXwDnjZnBqy4bgzRb6CUDQUEZUoWU9oPBlkuHkbmLQm8IVOjsrkX0oOODDiVVG3A5wxvGMwI7Q%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee6fc92c2a-FRA
expires
Thu, 25 Mar 2021 08:06:52 GMT
2020-ipad-pro.png
photos5.appleinsider.com/price_guide/featured-deal/ 		944 KB
946 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/price_guide/featured-deal/2020-ipad-pro.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
761f2b9137be3867352770b228e71a0bdd5f47c31237395213e0b9d7d4f7756c

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
404335
content-length
967028
cf-request-id
08ee1f890100002c2a1523c000000001
last-modified
Sat, 25 Apr 2020 21:03:20 GMT
server
cloudflare
etag
"5ea4a598-ec174"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rGYfYkb3W802ATj4YHl0Z2kfPiZoUoSGOU4JAjYXsPOM%2FTN6E1xvu1upi%2F1IVL4tP1UjwBMfjVJteyQVfXU8BHioxC1NeBppSbyBmgZ4d9OVrceLRo8EPEEUdcORiSM6W12pfFc%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee6fcb2c2a-FRA
expires
Mon, 22 Mar 2021 05:47:27 GMT
m1-macbook-air-gold.png
photos5.appleinsider.com/price_guide/featured-deal/ 		445 KB
446 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/price_guide/featured-deal/m1-macbook-air-gold.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e17eb4cf197771ccfa5c6a4a7d7ab36a0d99197a8a7a40e30895c6407a6ef419

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
95319
content-length
455587
cf-request-id
08ee1f890100002c2a45b84000000001
last-modified
Thu, 07 Jan 2021 19:27:01 GMT
server
cloudflare
etag
"5ff76085-6f3a3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gD69CmsKUXukBhzATjIBVcf%2B1E%2F%2FssfmoCoDMJkGqf6BkekwxjiCWumQ02Z2qjjRp%2BnG8PTLeAM%2FBXK1k13M1ih9PCd2ZfbPFWViaFi41VJAIkE8nnf2H8d2wafzZe2o9UbbKCA%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee6fcc2c2a-FRA
expires
Thu, 25 Mar 2021 19:37:42 GMT
avatar-default.png
photos5.appleinsider.com/v10/images/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/avatar-default.png
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1001ad98e4c727c3d83184a9fa50f1cca34b4ee53db28be1ec3499f8305f3783

Request headers

Referer
https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304759
content-length
6608
cf-request-id
08ee1f890200002c2a463d2000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-19d0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Qi6pljpjQHf1VX06RTxrD09t7Mdz50dqG6jSWXpXplxSjclQeCPWQQ1vxtVDPhQeTP%2FYOd6cmHj%2Fxxvq34GrLIsaDdRWpzy9DVd85McVl4lzGlNKBH72X7tik53re%2FuXcfw4bF4%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee6fd22c2a-FRA
expires
Tue, 23 Mar 2021 09:27:03 GMT
socialFooterFB.png
photos5.appleinsider.com/v10/images/ 		946 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/socialFooterFB.png
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4140061ee9197acfbc4003459d37f5d28477f7d6a9b2bc98f8ceae15f89ccab0

Request headers

Referer
https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
68727
content-length
946
cf-request-id
08ee1f890600002c2a5f89a000000001
last-modified
Thu, 18 Mar 2021 18:06:30 GMT
server
cloudflare
etag
"605396a6-3b2"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=et4rYZuIlFHLLjJbWPG2z0RZriXB5lLKhpQkeTFjJpqRjLvG3p6p5SUyTc4UH0XAImdODeisCdjGSI1WX9HseijE0wlEkIsDGiP%2BvsoH9Dp2yLD0lphw1ww5OaRWc2l3cR11R%2BQ%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee7fd52c2a-FRA
expires
Fri, 26 Mar 2021 03:00:55 GMT
socialFooterT.png
photos5.appleinsider.com/v10/images/ 		983 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/socialFooterT.png
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
79e1a87df94f3cdc2c6942636750f5093ad5e96e980fc63bf6d62e87a4780561

Request headers

Referer
https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304874
content-length
983
cf-request-id
08ee1f890600002c2a44b38000000001
last-modified
Mon, 15 Mar 2021 15:08:38 GMT
server
cloudflare
etag
"604f7876-3d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=pOG2ZeTbTDWi5Kts0%2FHIHVDj1uAsJtEkMPeIzzlH1jU4h3juerNlQdJeyMAWY2FfAMbAeYZ%2FI8URclXBwo7VEYsgowH2HOPM7qe74Tvi4Qlvbc3EcLMaLUulJ3EOFbKzonUqOOM%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee7fd72c2a-FRA
expires
Tue, 23 Mar 2021 09:25:08 GMT
socialFooterE.png
photos5.appleinsider.com/v10/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/v10/images/socialFooterE.png
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d16a0a443fca75e32beb193844badf4022625c4fbda6defa604f8cfb68249588

Request headers

Referer
https://photos5.appleinsider.com/v10/css/app.css?id=b7f12cb928ba549d3e64
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
510261
content-length
1108
cf-request-id
08ee1f890700002c2a24a2b000000001
last-modified
Fri, 12 Mar 2021 04:00:51 GMT
server
cloudflare
etag
"604ae773-454"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Byf0xLAT0kstnhZPeQ2POjA01eoNOupx58wKwboIPewipymQaxDh6mPfg72A6bnku5MzsCxEWw%2BuzFHcWM9C%2FPvJ%2F0v4bgL3i%2B24NUoCTqUm54xhEzV55pQzCxrGyxzP5KjBBrI%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee7fd92c2a-FRA
expires
Sun, 21 Mar 2021 00:22:01 GMT
34439-62156-Best-Cases-for-AIrPods-Pro-m.jpg
photos5.appleinsider.com/gallery/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/34439-62156-Best-Cases-for-AIrPods-Pro-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
befc61b78e3323ca219ba3e9e088eb78cc30e30a8b5aa226f1fdefc9ccd7b326

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
13742
content-length
18347
cf-request-id
08ee1f891c00002c2a3c9cb000000001
last-modified
Fri, 07 Feb 2020 17:12:41 GMT
server
cloudflare
etag
"5e3d9a89-47ab"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3364C7mXdHs1C2JW4LjO2ArVHtKfk%2Bz0XUTFThINuVWEBGD1JTkU9XNOzAi4O5PmjnbyposvHsDsWgDvj5GD4048OLHChZgYseV3pqCaLcioeode0mszZl1T16Hcv3piXFfEXh8%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 26 Mar 2021 18:17:20 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee980a2c2a-FRA
cf-bgj
h2pri
39894-76678-Galaxy-Buds-Pro-and-AirPods-Pro-on-Notebook-m.jpg
photos5.appleinsider.com/gallery/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/39894-76678-Galaxy-Buds-Pro-and-AirPods-Pro-on-Notebook-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cc4a20268cb6c7f0d9385354e7d7889e28302e738956d7c1f5409876fd1b535

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
193352
content-length
11015
cf-request-id
08ee1f891c00002c2a0c82d000000001
last-modified
Wed, 20 Jan 2021 15:17:27 GMT
server
cloudflare
etag
"60084987-2b07"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wxZxdZnUnqfXMcw%2BTdIwE%2BmB0K7a7MBbFsQExgo3eLLlVUcqls4zbaB1dcMQzHaws1V6HJNzyakr22qlrk2MZ1t%2Fu6QRp%2F8qrJ3lNejHCASPI0NU%2FXJB4sDaKQN8kkk4vA2tkGo%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 24 Mar 2021 16:23:50 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee980b2c2a-FRA
cf-bgj
h2pri
38821-74145-cinebench_r23_on_m1_13-inch_macbook_pro-m.jpg
photos5.appleinsider.com/gallery/ 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/38821-74145-cinebench_r23_on_m1_13-inch_macbook_pro-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9e3cb8e0e3c49ad5d2ec238f15f4541f0c9ac788a8658504c1db05502a368f3

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
282742
content-length
17657
cf-request-id
08ee1f891c00002c2a8a03f000000001
last-modified
Tue, 17 Nov 2020 13:28:14 GMT
server
cloudflare
etag
"5fb3cfee-44f9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=r5nfIeFGILpR4%2FoB5ZclPLZdbaj0AXBwxGJwyb9CN%2FVVTsbXE%2FIlAyj9s%2FsSkjrHBEjZSYpMxWwv%2FpZp1aNV3DT%2FtqOrXSLrqSKv%2Bw8lLmGw5mMaWZQjxN94F%2B35MDxYSBc2mDE%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 23 Mar 2021 15:34:00 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee980c2c2a-FRA
cf-bgj
h2pri
38588-73551-IMG_3762-m.png
photos5.appleinsider.com/gallery/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/38588-73551-IMG_3762-m.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa6a293efb52fe8918829133d2af070fcd229f4637d2777a060c6d2f4239cc0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
137002
content-length
59424
cf-request-id
08ee1f891c00002c2a859d7000000001
last-modified
Tue, 03 Nov 2020 18:21:19 GMT
server
cloudflare
etag
"5fa19f9f-e820"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Fve0OKUYdwkavSyLXpIPI3cYCP3%2BiO7zm1gfYISXDWRWmz7PYZeRXg2thFVx7hMrxqEST7zcJx7l5CR%2FvOLXw8F9R5nNmebkmWyhfmMBVjEPagTLAt9zn5k0Q44EdO3j5T7Uoss%3D"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee980d2c2a-FRA
expires
Thu, 25 Mar 2021 08:03:00 GMT
38738-73905-000-lead-MBA-and-MBP-m.jpg
photos5.appleinsider.com/gallery/ 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://photos5.appleinsider.com/gallery/38738-73905-000-lead-MBA-and-MBP-m.jpg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
af4e8aaef5ec46cd2f63b641d34fecd3acbc73b3b15aad726a6350ac3381f9ec

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
304759
content-length
13477
cf-request-id
08ee1f891c00002c2a8e8c4000000001
last-modified
Wed, 11 Nov 2020 16:27:48 GMT
server
cloudflare
etag
"5fac1104-34a5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZAzLR0tWNl0y0QvPuvvxoyQmXtSW2SKoL%2BX0Hy3KIZge1HHF0Ita4o2rUoqZgwEAiDunlQLd9RZW2SRDvx7g6Ec00E2CsyQjamOD7XG%2FBxSaEF7XXnvmFscEc8av%2F78V2%2FwYI8k%3D"}]}
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 23 Mar 2021 09:27:03 GMT
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01ee980e2c2a-FRA
cf-bgj
h2pri
analytics.js
www.google-analytics.com/ 		46 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
227
date
Fri, 19 Mar 2021 22:02:35 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18980
expires
Sat, 20 Mar 2021 00:02:35 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
etag
"YoFsxqR3BwPygbSjh02Dug=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Fri, 26 Mar 2021 22:06:22 GMT
7826.js
script.crazyegg.com/pages/scripts/0098/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/scripts/0098/7826.js?v1616191583
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/js/app.js?id=530255261457bde9ca6e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57f33276aa42452582360f95e8da719a1989daa6fcab143638a61e88f03b615a

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10998
cf-polished
origSize=4157
ce-version
11.1.262
cf-request-id
08ee1f895100002be932030000000001
timing-allow-origin
*
last-modified
Fri, 19 Mar 2021 19:03:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
cf-ray
632a01eeecfb2be9-FRA
cf-bgj
minify
liveView.php
live.sekindo.com/live/ 		35 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/js/article.js?id=73a35a5866bc3b439848
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
088ad1b8f9db6e1ec5989a83190722ac4bb61fd5e0c6ffe25207a616dd556122

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:21 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
jquery.appear.js
forums.appleinsider.com/js/library/ 		1 KB
996 B 		Script
General
Check archive.org
Download Go to
Full URL
https://forums.appleinsider.com/js/library/jquery.appear.js
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/js/vendor.js?id=ddced4f72e510beb40d2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fae99115f3157b9b3dbca9ebdbf689d7d8b790de1b18f9f7bc2371059bcbfb51

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 22 Aug 2016 07:51:55 GMT
server
cloudflare
age
6559
etag
W/"5c7-53aa45265bcc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=F7mH9SGxYwr%2Bcx6tY9YPSK2nDaF9AUQofg8sU8YpQi3HMiQhfSgkNS1UyAS1VbwimSKCdK815pH7om8gySGZmMUv2GNEJKSNTvYF58vQxUu4a8VXRQ1O4LmLJrqMIf1Pmd%2BlsQ%3D%3D"}]}
content-type
application/javascript
cache-control
max-age=18000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
632a01eee8682c2a-FRA
cf-request-id
08ee1f895100002c2a80159000000001
embed.css
forums.appleinsider.com/applications/dashboard/design/ 		1 KB
838 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://forums.appleinsider.com/applications/dashboard/design/embed.css
Requested by
Host: forums.appleinsider.com
URL: https://forums.appleinsider.com//js/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62cfe66953f23f1199ecf39301c83f0e7665967adb41e7527b01c83be3ac6a2d

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 26 Jan 2017 17:01:32 GMT
server
cloudflare
age
6559
etag
W/"59f-547024d10b300-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sbiLMIhoc%2BY924yOA%2FUKVJYC1LdczU4oVkwvL7j%2BUgzIGzX12Fp%2FR5aZrHP%2BRMetl55aAcXaRA7U7pMnMliRH9VYh95KUKBVla%2B7i7i1XjLrhOfdbM6YHySl1AfuegwMaMFjDg%3D%3D"}]}
content-type
text/css
cache-control
max-age=18000
nel
{"report_to":"cf-nel","max_age":604800}
cf-ray
632a01eee8692c2a-FRA
cf-request-id
08ee1f895100002c2a388dd000000001
progress.gif
cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com/images/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com/images/progress.gif
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.141 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-141.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0db4c4e8b18f8b97a2e31c6c9a73165c0aa88ef219b33bb4bc59fc633fba9aa8

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:24 GMT
Last-Modified
Wed, 23 Nov 2016 17:18:59 GMT
X-Trans-Id
tx0165d7811e2d446a90732-005fd174abdfw1
ETag
ad257c9da4a8da0364ad3ad9908ebb7e
Content-Type
image/png
X-Timestamp
1479921538.92466
Cache-Control
public, max-age=120380
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1284
Expires
Sun, 21 Mar 2021 07:32:44 GMT
rules-p-dGYBJRHHExURr.js
rules.quantcount.com/ 		3 B
357 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-dGYBJRHHExURr.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:04:07 GMT
via
1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
last-modified
Fri, 03 Mar 2017 23:52:35 GMT
server
AmazonS3
age
136
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Error from cloudfront
content-type
application/x-javascript
cache-control
max-age=300
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
kxhREoFB1PFlUvUeE7EG-VhBQ4_8Hr15jSra2Cs3cIqdH8ESWAYRgQ==
collect
www.google-analytics.com/j/ 		2 B
68 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j88&a=1473824655&t=pageview&_s=1&dl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ul=en-us&de=UTF-8&dt=Hacker%20allegedly%20posed%20as%20Apple%20Support%20to%20scam%20user%20out%20of%20%241%2C500%20%7C%20AppleInsider&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAAC~&jid=222143934&gjid=1297951279&cid=460626028.1616191583&tid=UA-280331-5&_gid=78104428.1616191583&_r=1&_slc=1&z=974714152
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:22 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
10450
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Fri, 19 Mar 2021 19:13:13 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
hZNA_6l8MCR6o4nPWm6RGTUybOlY2gbofqgH_bUli5hgxiBMrf_pgw==
bid
c.amazon-adsystem.com/e/dtb/ 		116 B
503 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&pid=4UL6A4IJQ9MQO&cb=0&ws=1600x1200&v=7.60.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Desktop_Third_Rectangle_300x250%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Mobile_Desktop_Mid_News_Rive_300x250%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FArticle_Bottom_Desktop_300x250%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F53013535%2Fhomepage_article_top_rectangle_300x250_300x600%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Sidebar_Medium_Rectangle_Top_300x250%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Article_Mobile_Prime_Rectangle_300x250%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Leaderboard_970x250_728x90%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22320x50%22%2C%22320x100%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Mobile_Leaderboard_320x50_300x50%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Tablet_Leaderboard_728x90%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage-Tablet-First-Rectangle-300x250%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage-Tablet-Second-Rectangle-300x250%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F53013535%2FHomepage_Mobile_Middle_News_River_300x250%22%7D%5D&cfgv=0&pubid=434bb5e4-3704-4b75-b36c-785a444462bd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
a6fcb160686a9f95ed8f2709c613e4edf551d759734a4eac9406473285f4eb55

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
Server
x-amz-cf-pop
DUS51-C1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://appleinsider.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
126
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
x-amz-cf-id
UIcnDjVjwX975i1MJuuUs93HmmBlqBaLWM_IHa4o75Yb11YD-Nc2bw==
7826.json
script.crazyegg.com/pages/data-scripts/0098/ 		12 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/data-scripts/0098/7826.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0098/7826.js?v1616191583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aecc2be0ad7b8c706927a1856b0a171e832decaef5e337609357d64fb2ee74a3

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10998
ce-version
11.1.262
content-length
1831
cf-request-id
08ee1f89b700004d89c7a3c000000001
timing-allow-origin
*
last-modified
Fri, 19 Mar 2021 19:03:04 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
632a01ef8a714d89-FRA
pixel;r=1761025427;rf=0;a=p-dGYBJRHHExURr;url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500;uh=78e1d296268e;uht=2;fpan=...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1761025427;rf=0;a=p-dGYBJRHHExURr;url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500;uh=78e1d296268e;uht=2;fpan=1;fpa=P0-1564006676-1616191582658;ns=0;ce=1;qjs=1;qv=e576aef5-20210317211205;cm=;gdpr=0;ref=;d=appleinsider.com;je=0;sr=1600x1200x24;dst=1;et=1616191582658;tzo=-60;ogl=url.https%3A%2F%2Fappleinsider%252Ecom%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-suppo%2Cimage.https%3A%2F%2Fphotos5%252Eappleinsider%252Ecom%2Fgallery%2F38939-74372-iPhone-12-mini-in-Right-Han%2Ctitle.Hacker%20allegedly%20posed%20as%20Apple%20Support%20to%20scam%20user%20out%20of%20%241%252C500%20%7C%20AppleInside%2Cdescription.A%20Pennsylvania%20iPhone%20user%20claims%20that%20her%20call%20to%20Apple%20Support%20was%20intercepted%2Ctype.website%2Clocale.en_US%2Csite_name.AppleInsider
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:22 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
11.1.262.js
script.crazyegg.com/pages/versioned/commontransformations-scripts/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.262.js
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/scripts/0098/7826.js?v1616191583
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8662e8699404832e3a07ef1cfdba7901823be6a87b190ae0b93d0da68de6ad2

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
105736
cf-ray
632a01efadec2be9-FRA
content-length
33634
cf-request-id
08ee1f89c700002be9fcae8000000001
last-modified
Fri, 12 Mar 2021 18:35:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, s-maxage=31536000
accept-ranges
bytes
timing-allow-origin
*
7826.json
script.crazyegg.com/pages/sampling-data-scripts/0098/ 		170 B
272 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.crazyegg.com/pages/sampling-data-scripts/0098/7826.json?t=1
Requested by
Host: script.crazyegg.com
URL: https://script.crazyegg.com/pages/versioned/commontransformations-scripts/11.1.262.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:9408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
745e2282f1169eb555e5be229507f9045de9c4f6af5bd76d7fa77847b4863b1c

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:22 GMT
content-encoding
gzip
cf-cache-status
HIT
age
10997
ce-version
11.1.262
content-length
153
cf-request-id
08ee1f89dc00004d89c6b87000000001
timing-allow-origin
*
last-modified
Fri, 19 Mar 2021 19:03:05 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
CE-Version
cache-control
public, max-age=300, s-maxage=1209600
accept-ranges
bytes
cf-ray
632a01efcabd4d89-FRA
/
hb.emxdgt.com/ 		0
308 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.emxdgt.com/?t=1500&ts=1616191584641&src=pbjs
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/77432379-1625.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.196.104.43 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-196-104-43.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Fri, 19 Mar 2021 22:06:24 GMT
Content-Type
text/html
Access-Control-Allow-Origin
https://appleinsider.com
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Access-Control-Allow-Headers
security, Content-Type
Content-Length
0
c
prebid.a-mo.net/a/ 		783 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/77432379-1625.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
5c6abf5e7d05586effaa873a2a17d18a666cfa627ab6cdb9c987c29d5534cc59

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
envoy
vary
origin, accept-encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://appleinsider.com
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
155
content-length
342
/
e1.emxdgt.com/sync/ Frame EA0A 		0
59 B 		Script
General
Check archive.org
Download Go to
Full URL
https://e1.emxdgt.com/sync/
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/check.js?nnn=1616191582394
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-length
0
content-type
text/html
liveView.php
live.sekindo.com/live/ Frame BAE2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
2d8e6467a538ec3bbbd5836494f51dbf5df8565565bfc76075879fc3fb23cdae

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:23 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
iab_consent_sdk.v1.0.js
live.sekindo.com/content/ClientDetections/ Frame BAE2 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 19 Mar 2022 22:06:24 GMT
DetectGDPR2.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame BAE2 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 19 Mar 2022 22:06:24 GMT
DetectGDPR.v1.1.js
live.sekindo.com/content/ClientDetections/ Frame BAE2 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 19 Mar 2022 22:06:24 GMT
hls.0.12.4_2.min.js
live.sekindo.com/content/video/hls/ Frame BAE2 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:23 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 19 Mar 2022 22:06:23 GMT
prebidVid.4.8.0_4.min.js
live.sekindo.com/content/prebid/ Frame BAE2 		319 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/prebid/prebidVid.4.8.0_4.min.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5226a6ccbc50919e0dd5cc105b4373dd44872961f683346c9220a582eb2630e8

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
last-modified
Sun, 14 Mar 2021 14:27:24 GMT
server
nginx
etag
W/"604e1d4c-4fc06"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Sat, 19 Mar 2022 22:06:24 GMT
liveVideo.php
live.sekindo.com/live/ Frame BAE2 		579 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveView.php?s=104577&cbuster=1616191583&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vp_content=plembed1d41lktxsnmj&cbuster=1616191582&pubUrlAuto=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&videoType=flow&floatWidth=400&floatHeight=225&floatDirection=br&floatVerticalOffset=10&floatHorizontalOffset=10&floatCloseBtn=1&flowMode=below&flowCloseButtonPosition=right
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
d4728ab04d11f6495ca98ef06ac6c2acaf249b0472b0c6cc7d7d31e15de30a87

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
primisslate.css
live.sekindo.com/content/video/css/ 		17 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/content/video/css/primisslate.css
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:23 GMT
content-encoding
gzip
last-modified
Tue, 18 Aug 2020 10:07:25 GMT
server
nginx
etag
W/"5f3ba85d-45c8"
content-type
text/css
css
fonts.googleapis.com/ Frame 73D7 		2 KB
657 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 20:29:49 GMT
server
ESF
date
Fri, 19 Mar 2021 22:06:24 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Mar 2021 22:06:24 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame BAE2 		119 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
Server /
Resource Hash
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 21:59:38 GMT
content-encoding
gzip
server
Server
age
405
etag
d2bbe61d6c9cfd2f9d26c66417c4fb1e
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
DUS51-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-version-id
qpGbqo5n5ftYm2ZsSSwwmAxZeGfbwfiX
x-amz-cf-id
iUAoN0yCUvQbVm60OgtZ2b7ydt8Ff9LEQM4ZUHTQbr-Vdz2_IJZTnA==
inter-stock.css
photos5.appleinsider.com/v10/fonts/Inter/ Frame 73D7 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b238a114d6b3927bbce04f21463ad293517b32674e90e81f0f9f7fcaf12b16

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
135367
cf-request-id
08ee1f926a00002c2a530a6000000001
last-modified
Tue, 29 Sep 2020 09:02:07 GMT
server
cloudflare
etag
W/"5f72f80f-14b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qcnsWoCdLpdAtxpM%2BgD7nisvlfTcMunfSsIFVEus%2BY73Q5o0epTOSc9gVuNk8Keyu4DCbk2%2Fc%2B0%2BfbJiLbhRX10SlC90TGjJPNre%2FPXDGzQwOuIfA2vHhTihBZS5No7Od3ux9dA%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01fd7ac42c2a-FRA
expires
Thu, 25 Mar 2021 08:30:17 GMT
inter-stock.css
photos5.appleinsider.com/v10/fonts/Inter/ 		5 KB
961 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:1259 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a4b238a114d6b3927bbce04f21463ad293517b32674e90e81f0f9f7fcaf12b16

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
135367
cf-request-id
08ee1f92cd00002c2a6b14d000000001
last-modified
Tue, 29 Sep 2020 09:02:07 GMT
server
cloudflare
etag
W/"5f72f80f-14b7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=IHWyTaLcum%2B14AwV4kailn2Zr1623QE56bub3%2BOthP7ltIq1gJR8zoReQAtFhLqx2htu2YAMWdEFi%2Bv4EmSm3%2BEqP%2BVGaNCozXim1v4u%2BB31zcXT26vEZMP14W1GyvC4Nv3%2FZfk%3D"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
cf-ray
632a01fe1b882c2a-FRA
expires
Thu, 25 Mar 2021 08:30:17 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 9C40 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://appleinsider.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=41476
Expires
Sat, 20 Mar 2021 09:37:41 GMT
Date
Fri, 19 Mar 2021 22:06:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
liveCS.php
live.sekindo.com/live/ Frame 9689
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

server
nginx
date
Fri, 19 Mar 2021 22:06:24 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 19 Mar 2021 22:06:25 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Set-Cookie
audience=58b5604e-88ff-11eb-82dc-14f0ef8b1c06; expires=Sat, 19-Mar-2022 23:13:05 GMT; path=/; domain=.spotxchange.com; SameSite=none; Secure
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=94&advUuid=58b5604e-88ff-11eb-82dc-14f0ef8b1c06
X-fe
103
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
liveCS.php
live.sekindo.com/live/ Frame C594
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D98%26advU...
  • https://u.openx.net/w/1.0/cm?cc=1&id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D98%2...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
live.sekindo.com
:scheme
https
:path
/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

server
nginx
date
Fri, 19 Mar 2021 22:06:24 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

vary
Accept, Accept-Encoding
set-cookie
i=76ed7c9c-f9c8-41e3-abeb-2a656800ff98|1616191585; Version=1; Expires=Sat, 19-Mar-2022 22:06:25 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.203.0
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=98&advUuid=52e4a575-1c09-46e7-b558-74aee06f8f70
date
Fri, 19 Mar 2021 22:06:25 GMT
content-type
text/html
content-length
0
content-encoding
gzip
via
1.1 google
alt-svc
clear
liveView.php
live.sekindo.com/live/ Frame BAE2 		61 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=1&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn25%2Fvideo%2Fusers%2Forigin%2F29643%2Fvideo_5ec3be263b843264581209%2Fvid60521b8616460631674807.mp4&vid_content_id=1415740&vid_content_desc=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_title=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_duration=372&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=60552060a6703&cbuster=1616191584993&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a1c9daffa7c687103de5918335c011196f0c7f6c136996f1e73d2bbc76624006

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://appleinsider.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
3000
liveView.php
live.sekindo.com/live/ Frame BAE2 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn25%2Fvideo%2Fusers%2Forigin%2F29643%2Fvideo_5ec3be263b843264581209%2Fvid60521b8616460631674807.mp4&vid_content_id=1415740&vid_content_desc=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_title=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_duration=372&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=60552060a6703&cbuster=1616191584996&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
cc964a9e581ef2b8bd999a51bc96bc8e9f5012a1796dce4fdcd77c5fcb92f23b

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://appleinsider.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1493
vid60521b8616460631674807.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid60521b8616460631674807.jpg?cbuster=1615993734
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
191039253fec46a4b0f43f37b44fe35e7812485f61049c14a2258682764ebcf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 17 Mar 2021 15:10:16 GMT
Server
Tengine
ETag
"60521bd8-332c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13100
Expires
Thu, 31 Dec 2037 23:55:55 GMT
placeHolder.png
live.sekindo.com/content/video/splayer/assets/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/content/video/splayer/assets/placeHolder.png
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:24 GMT
last-modified
Sun, 11 Jun 2017 08:04:06 GMT
server
nginx
etag
"593cf976-5dbf"
content-type
image/png
cache-control
no-cache, private
accept-ranges
bytes
content-length
23999
expires
Fri, 19 Mar 2021 22:06:23 GMT
vid60521b8616460631674807.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid60521b8616460631674807.jpg?cbuster=1615993734
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
191039253fec46a4b0f43f37b44fe35e7812485f61049c14a2258682764ebcf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 17 Mar 2021 15:10:16 GMT
Server
Tengine
ETag
"60521bd8-332c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13100
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6051048f773a4897604025.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6051048f773a4897604025.jpg?cbuster=1615922320
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5364076cfe1c869d31b110dd1714ab0b434eb2d804098f2c072ce051e58b221a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 16 Mar 2021 19:23:52 GMT
Server
Tengine
ETag
"605105c8-3d21"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15649
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6050cf254a96c117905428.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6050cf254a96c117905428.jpg?cbuster=1615908646
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5364076cfe1c869d31b110dd1714ab0b434eb2d804098f2c072ce051e58b221a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 16 Mar 2021 15:32:10 GMT
Server
Tengine
ETag
"6050cf7a-3d21"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15649
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid604aba7783eb5490734748.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid604aba7783eb5490734748.jpg?cbuster=1615510164
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8a1ea0e81bde6e9742dfa4366d766b6a7d5c1bcea45776e6f9bce1f3c40bcc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Fri, 12 Mar 2021 00:51:32 GMT
Server
Tengine
ETag
"604abb14-38e1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14561
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6047e7a7ba8a1441291979.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6047e7a7ba8a1441291979.jpg?cbuster=1615325097
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0219ec7b047e58c70c8bfd4d780e7b992db12ec7156f9eec2581833468c88eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 09 Mar 2021 21:26:08 GMT
Server
Tengine
ETag
"6047e7f0-3b4c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15180
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef1072bd97a7229954602.jpg
video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef1072bd97a7229954602.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a068ed9e2b725182be730cf4615e366cdf43ff33a01d018c3a73bfcbe4c2e831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 23:44:26 GMT
Server
Tengine
ETag
"5f58175a-6afa"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
27386
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef61a3897ab1187369893.jpg
video.sekindo.com/uploads/cn5/video/users/converted/29643/video_5ec3be263b843264581209/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn5/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef61a3897ab1187369893.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ca8cd7434534c33d1a91d567b31d06170780d91aa1dcdaa0e7aff6c7ef28e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 22:25:26 GMT
Server
Tengine
ETag
"5f5804d6-2af1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
10993
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ee12064a65ec630510109.jpg
video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/vid5ee12064a65ec630510109.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
2031270ae2c3fd43730a1f6f7312aa3493762d71bc5e8fe4682796dce73a8eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 05:21:17 GMT
Server
Tengine
ETag
"5f58664d-37c1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14273
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433b8ac0da833237991.jpg
video.sekindo.com/uploads/cn18/video/users/converted/29643/video_5ec3be263b843264581209/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn18/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433b8ac0da833237991.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c152a166a717e7ebc5878e087bd97a4a056d63c3e8c4c0130bc6b4119b7ad9ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:56:57 GMT
Server
Tengine
ETag
"5f58fb49-500d"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20493
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433a78cf00367137856.jpg
video.sekindo.com/uploads/cn20/video/users/converted/29643/video_5ec3be263b843264581209/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn20/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433a78cf00367137856.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
749aa04b7f357665b2c6e9135fc4774883e0d0d1774d99fbaa02fdce0bf02fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:56:42 GMT
Server
Tengine
ETag
"5f58fb3a-5254"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
21076
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ed03f375d6cc210183316.jpg
video.sekindo.com/uploads/cn2/video/users/converted/29643/video_5ec3be263b843264581209/ 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn2/video/users/converted/29643/video_5ec3be263b843264581209/vid5ed03f375d6cc210183316.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f098fa8c61bc58c6ae865f2decbb29789a4c4fae617c04fe1ac929da40cc895f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 11:11:41 GMT
Server
Tengine
ETag
"5f58b86d-50ee"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20718
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef1625a1820e281604078.jpg
video.sekindo.com/uploads/cn1/video/users/converted/29643/video_5ec3be263b843264581209/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn1/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef1625a1820e281604078.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e8df9eafb05c0b87064966e3f68769b532e0caeadf8723bfdb0d5a0354e76f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 23:38:27 GMT
Server
Tengine
ETag
"5f5815f3-2d20"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
11552
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433ae30182735832127.jpg
video.sekindo.com/uploads/cn3/video/users/converted/29643/video_5ec3be263b843264581209/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn3/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433ae30182735832127.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a66b22a30f49218c29ce4dc5c69ee665cd8eff6ca3da8e45febfcf296b146642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:57:42 GMT
Server
Tengine
ETag
"5f58fb76-3001"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12289
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433b31e0db618380888.jpg
video.sekindo.com/uploads/cn23/video/users/converted/29643/video_5ec3be263b843264581209/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433b31e0db618380888.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8b087d701da74f3300ebac7597c74681ed9e9e03c0635517c52463f958d64d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:58:00 GMT
Server
Tengine
ETag
"5f58fb88-3e20"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15904
Expires
Thu, 31 Dec 2037 23:55:55 GMT
sync
x.bidswitch.net/ Frame BAE2 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&user_id=60552060a6703&custom_data=60552060a6703&gdpr=1&gdpr_consent=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.58.45.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-45-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
liveCS.php
live.sekindo.com/live/ Frame BAE2
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=93&advUuid=88abac60-0a7a-486b-96f7-dd9229c91345
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=93&advUuid=88abac60-0a7a-486b-96f7-dd9229c91345
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=93&advUuid=88abac60-0a7a-486b-96f7-dd9229c91345
date
Fri, 19 Mar 2021 22:06:25 GMT
server
_
content-length
0
liveCS.php
live.sekindo.com/live/ Frame BAE2
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D99%26advUuid%3D&C=1
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=99&advUuid=YFUgYiFSqIa9Ji5DHiuxSAAABL0AAAIB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=99&advUuid=YFUgYiFSqIa9Ji5DHiuxSAAABL0AAAIB
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:25 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:26 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=99&advUuid=YFUgYiFSqIa9Ji5DHiuxSAAABL0AAAIB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Fri, 19 Mar 2021 22:06:26 GMT
liveCS.php
live.sekindo.com/live/ Frame BAE2
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Flive.sekindo.com%252Flive%252FliveCS.php%253Fsource%253Dexternal%2526csuuid%253D60552060a6703%2526pixel%253D%2526advId%253D105%2526ad...
  • https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=105&advUuid=8478434149538680619
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=105&advUuid=8478434149538680619
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:24 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:25 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.139:80
AN-X-Request-Uuid
2ac8e487-5c6a-43b1-8f19-02e118ded2d6
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.sekindo.com/live/liveCS.php?source=external&csuuid=60552060a6703&pixel=&advId=105&advUuid=8478434149538680619
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 73D7 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://appleinsider.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
357278
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:51:47 GMT
Inter-BoldItalic.woff2
photos5.appleinsider.com/v10/fonts/Inter/ Frame 73D7 		109 KB
110 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-BoldItalic.woff2?v=3.15
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e1a3d5a75c5be3856a2b41ff77a078ef952465c2d46e3c7d9189fe85a080b9bb

Request headers

Origin
https://appleinsider.com
Referer
https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:25 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
131127
content-length
111644
cf-request-id
08ee1f932900004dd0682d0000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-1b41c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5ZpGY5T0f0D35CHX%2FX4kQJ3CkgN%2FNDarTxc8hmn2k%2BytwmU8idyw51Cz%2F%2Bp1YdGbNhPuWO1zTHQEGQr67iV3kY%2B2QrDIdd4o2urQAFawMr2BN0flqR3nFnk6hcTUcJg3YaVqpcw%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01feae7c4dd0-FRA
expires
Thu, 25 Mar 2021 09:40:58 GMT
Inter-Bold.woff2
photos5.appleinsider.com/v10/fonts/Inter/ Frame 73D7 		104 KB
104 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://photos5.appleinsider.com/v10/fonts/Inter/Inter-Bold.woff2?v=3.15
Requested by
Host: photos5.appleinsider.com
URL: https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:529a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ca1e762fafb354a5eb894c613b964f135a23fffec363e43386f07dc457ed5e

Request headers

Origin
https://appleinsider.com
Referer
https://photos5.appleinsider.com/v10/fonts/Inter/inter-stock.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:25 GMT
cf-cache-status
HIT
nel
{"max_age":604800,"report_to":"cf-nel"}
age
136624
content-length
106052
cf-request-id
08ee1f932c00004dd06a1b2000000001
last-modified
Thu, 18 Mar 2021 05:52:48 GMT
server
cloudflare
etag
"6052eab0-19e44"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2DGl2Q%2FE91ajwPbmULYrNCh5XwXdZR%2Bi7Yz%2BHHrEgsDJdphLxAMozkr%2Fn7Lmy5wyVOFSt2DMudVoSF%2FGrTHrtswRA%2BZ2LVSWN%2B%2F3uqPd1wFj9Mzf9wkwMKjIIGcFtjr4kJo8tu8%3D"}],"max_age":604800,"group":"cf-nel"}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
cf-ray
632a01feae804dd0-FRA
expires
Thu, 25 Mar 2021 08:09:21 GMT
vid60521b8616460631674807.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid60521b8616460631674807.jpg?cbuster=1615993734
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
191039253fec46a4b0f43f37b44fe35e7812485f61049c14a2258682764ebcf7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 17 Mar 2021 15:10:16 GMT
Server
Tengine
ETag
"60521bd8-332c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
13100
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6051048f773a4897604025.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6051048f773a4897604025.jpg?cbuster=1615922320
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5364076cfe1c869d31b110dd1714ab0b434eb2d804098f2c072ce051e58b221a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 16 Mar 2021 19:23:52 GMT
Server
Tengine
ETag
"605105c8-3d21"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15649
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6050cf254a96c117905428.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6050cf254a96c117905428.jpg?cbuster=1615908646
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
5364076cfe1c869d31b110dd1714ab0b434eb2d804098f2c072ce051e58b221a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 16 Mar 2021 15:32:10 GMT
Server
Tengine
ETag
"6050cf7a-3d21"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15649
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid604aba7783eb5490734748.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid604aba7783eb5490734748.jpg?cbuster=1615510164
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8a1ea0e81bde6e9742dfa4366d766b6a7d5c1bcea45776e6f9bce1f3c40bcc64
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Fri, 12 Mar 2021 00:51:32 GMT
Server
Tengine
ETag
"604abb14-38e1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14561
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid6047e7a7ba8a1441291979.jpg
video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn25/video/users/converted/29643/video_5ec3be263b843264581209/vid6047e7a7ba8a1441291979.jpg?cbuster=1615325097
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
0219ec7b047e58c70c8bfd4d780e7b992db12ec7156f9eec2581833468c88eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 09 Mar 2021 21:26:08 GMT
Server
Tengine
ETag
"6047e7f0-3b4c"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15180
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef1072bd97a7229954602.jpg
video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef1072bd97a7229954602.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a068ed9e2b725182be730cf4615e366cdf43ff33a01d018c3a73bfcbe4c2e831
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 23:44:26 GMT
Server
Tengine
ETag
"5f58175a-6afa"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
27386
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef61a3897ab1187369893.jpg
video.sekindo.com/uploads/cn5/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn5/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef61a3897ab1187369893.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
ca8cd7434534c33d1a91d567b31d06170780d91aa1dcdaa0e7aff6c7ef28e9fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 22:25:26 GMT
Server
Tengine
ETag
"5f5804d6-2af1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
10993
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ee12064a65ec630510109.jpg
video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn4/video/users/converted/29643/video_5ec3be263b843264581209/vid5ee12064a65ec630510109.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
2031270ae2c3fd43730a1f6f7312aa3493762d71bc5e8fe4682796dce73a8eb6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 05:21:17 GMT
Server
Tengine
ETag
"5f58664d-37c1"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
14273
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433b8ac0da833237991.jpg
video.sekindo.com/uploads/cn18/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn18/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433b8ac0da833237991.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
c152a166a717e7ebc5878e087bd97a4a056d63c3e8c4c0130bc6b4119b7ad9ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:56:57 GMT
Server
Tengine
ETag
"5f58fb49-500d"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20493
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433a78cf00367137856.jpg
video.sekindo.com/uploads/cn20/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn20/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433a78cf00367137856.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
749aa04b7f357665b2c6e9135fc4774883e0d0d1774d99fbaa02fdce0bf02fd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:56:42 GMT
Server
Tengine
ETag
"5f58fb3a-5254"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
21076
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ed03f375d6cc210183316.jpg
video.sekindo.com/uploads/cn2/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		20 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn2/video/users/converted/29643/video_5ec3be263b843264581209/vid5ed03f375d6cc210183316.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
f098fa8c61bc58c6ae865f2decbb29789a4c4fae617c04fe1ac929da40cc895f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 11:11:41 GMT
Server
Tengine
ETag
"5f58b86d-50ee"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
20718
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ef1625a1820e281604078.jpg
video.sekindo.com/uploads/cn1/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn1/video/users/converted/29643/video_5ec3be263b843264581209/vid5ef1625a1820e281604078.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
e8df9eafb05c0b87064966e3f68769b532e0caeadf8723bfdb0d5a0354e76f46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Tue, 08 Sep 2020 23:38:27 GMT
Server
Tengine
ETag
"5f5815f3-2d20"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
11552
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433ae30182735832127.jpg
video.sekindo.com/uploads/cn3/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn3/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433ae30182735832127.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
a66b22a30f49218c29ce4dc5c69ee665cd8eff6ca3da8e45febfcf296b146642
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:57:42 GMT
Server
Tengine
ETag
"5f58fb76-3001"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
12289
Expires
Thu, 31 Dec 2037 23:55:55 GMT
vid5ec433b31e0db618380888.jpg
video.sekindo.com/uploads/cn23/video/users/converted/29643/video_5ec3be263b843264581209/ Frame 73D7 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.sekindo.com/uploads/cn23/video/users/converted/29643/video_5ec3be263b843264581209/vid5ec433b31e0db618380888.jpg?cbuster=1614243182
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
45.83.41.102 Frankfurt am Main, Germany, ASN204548 (CLOUDWEBMANAGE-IL-FR, US),
Reverse DNS
Software
Tengine /
Resource Hash
8b087d701da74f3300ebac7597c74681ed9e9e03c0635517c52463f958d64d5f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:05:38 GMT
Last-Modified
Wed, 09 Sep 2020 15:58:00 GMT
Server
Tengine
ETag
"5f58fb88-3e20"
X-Cache-Status
HIT
Strict-Transport-Security
max-age=31536000
Content-Type
image/jpeg
Cache-Control
max-age=315360000
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=25
Content-Length
15904
Expires
Thu, 31 Dec 2037 23:55:55 GMT
liveView.php
live.sekindo.com/live/ Frame BAE2 		7 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveView.php?s=58057&vid_vastTimeout=-1&vid_vastType=3&vid_playerVer=3.1.0&vid_viewabilityState=0&vid_content_url=https%3A%2F%2Fvideo.sekindo.com%2Fuploads%2Fcn25%2Fvideo%2Fusers%2Forigin%2F29643%2Fvideo_5ec3be263b843264581209%2Fvid60521b8616460631674807.mp4&vid_content_id=1415740&vid_content_desc=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_title=What+do+classical+musicians+think+about+AirPods+Max%3F&vid_content_duration=372&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&x=599&y=337&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&isApp=0&geoLati=47.394&geoLong=8.445&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&csuuid=60552060a6703&cbuster=1616191585120&gdpr=1&gdprConsent=&isWePassGdpr=0
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
0ba5f0c45ee16ec16f40458857f751ca84a7a59a3822c05838d8aa0961546538

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:25 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://appleinsider.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
1493
Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 075F
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv
  • https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
238 B
929 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
bf1ee0fcbc592d8fdae64f59ec2c10c497f9722193dab57f4c001c3b5072dcd1

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://appleinsider.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A0AxQ8B0DUG0lY7zRhuuUf4|t
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

Server
Server
Date
Fri, 19 Mar 2021 22:06:25 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
192
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie
ad-id=A0AxQ8B0DUG0lY7zRhuuUf4; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 22:06:25 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Apr-2026 22:06:25 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip

Redirect headers

Server
Server
Date
Fri, 19 Mar 2021 22:06:25 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Set-Cookie
ad-id=A0AxQ8B0DUG0lY7zRhuuUf4|t; Domain=.amazon-adsystem.com; Expires=Fri, 01-Oct-2021 22:06:25 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary
User-Agent
integrator.js
adservice.google.ch/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.ch/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CHomepage_Desktop_Third_Rectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585210&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=1103&adys=1960&adks=30983971&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=4&ohw=1200&btvi=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
4c559e3b5e990b0762f9b274e68a0187b0a2d7c46951990a0e10fe29d9c4069c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3737
x-xss-protection
0
google-lineitem-id
5370051254
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310141019
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 		0
0 		Other
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
ads
securepubads.g.doubleclick.net/gampad/ 		13 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CArticle_Bottom_Desktop_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585217&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=1103&adys=5469&adks=4240735759&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x-1&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=4&ohw=1200&btvi=2
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
1d572a9c421a1310ff8d40a62d9bdb3a783ba11b9fe0af4d99f48aad9ead81f8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7304
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2Chomepage_article_top_rectangle_300x250_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250%7C300x600&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585220&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=1103&adys=1161&adks=2844837861&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=4&ohw=300&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
0a45f9257ce66c3f408315f90a7356df06a46b435a83490ff451d7cd616aeaae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2807
x-xss-protection
0
google-lineitem-id
5348260490
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310141019
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		64 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CHomepage_Article_Mobile_Prime_Rectangle_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585222&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=3148421385&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=0x0&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=132&ohw=300
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
81b73c8b3cc1d3951cf7404d0f1206e8f802e483a32ed8d89b02af6f2f4e0107
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15472
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CHomepage_Leaderboard_970x250_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x250&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585224&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=82&adks=405679607&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100&msz=970x90&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=4&ohw=970&btvi=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
fd30a4edcb1669898c389ea6591911eb61caca46f1a52c7d1442ac44a4db1fb7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2789
x-xss-protection
0
google-lineitem-id
5336570536
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138310513942
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CHomepage_Mobile_Leaderboard_320x50_300x50&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C320x100&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585226&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2897076391&ucis=6&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=0x0&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=132&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
d28aa7a8683ab9aca322b2e19dc2d40d71d0578e389d57146f14da8ae96ca2f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2783
x-xss-protection
0
google-lineitem-id
5355428082
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138309560001
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		5 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4032750948166073&correlator=4089806920481179&output=ldjh&impl=fif&eid=21065645%2C31060468%2C31060473%2C31060209%2C31060367%2C44733568%2C44739387&vrg=2021031601&ptt=17&sc=1&sfv=1-0-37&ecs=20210319&iu_parts=53013535%2CHomepage_Tablet_Leaderboard_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&prev_scp=sub_section%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=amznbid%3D0%26amznp%3D0&cookie_enabled=1&bc=31&abxe=1&lmt=1616191585&dt=1616191585229&dlt=1616191581155&idt=1443&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933&adys=-12245933&adks=2862972581&ucis=7&ifi=7&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x100&msz=0x0&ga_vid=460626028.1616191583&ga_sid=1616191585&ga_hid=1473824655&ga_fc=false&fws=132&ohw=0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
531b890931ea5ac440e5d7aa3895a538f6cf7f65f6d632981e17e25ddf986fed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2834
x-xss-protection
0
google-lineitem-id
5412658014
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138316468606
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://appleinsider.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame BAE2 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.226.158.204 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-226-158-204.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Z_m26sDjicOoQtCCmuJEtOsMPnFQWWIm
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
10451
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Sat, 06 Mar 2021 01:32:40 GMT
server
AmazonS3
date
Fri, 19 Mar 2021 19:13:13 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
DUS51-C1
x-amz-cf-id
ZgpyzTIr0lTkTxj1w75Fpexa9JB0NN1uKHFzIiXdNjKycx4DXOtbJQ==
openrtb
ads.adaptv.advertising.com/rtb/ Frame BAE2 		0
217 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/content/prebid/prebidVid.4.8.0_4.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.215.242 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://appleinsider.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
showad.js
ads.pubmatic.com/AdServer/js/ Frame 311A 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.sekindo.com%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D60552060a6703%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=36140
Expires
Sat, 20 Mar 2021 08:08:45 GMT
Date
Fri, 19 Mar 2021 22:06:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
PugMaster
image6.pubmatic.com/AdServer/ Frame 311A 		0
75 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=93471819&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:23 GMT
Content-Length
0
pr
aax-eu.amazon-adsystem.com/s/v3/ Frame 3B48 		799 B
754 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=rbd_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
6cd9efafa48604ac9ccf5be48ae6a2bc7217372a798bed3b591779a2a0732579

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
ad-id=A0AxQ8B0DUG0lY7zRhuuUf4; ad-privacy=0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_cnv&dcc=t

Response headers

Server
Server
Date
Fri, 19 Mar 2021 22:06:25 GMT
Content-Type
text/html;charset=ISO-8859-1
Content-Length
393
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
Accept-Encoding,User-Agent
Content-Encoding
gzip
usync.html
eus.rubiconproject.com/ Frame 787E 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=rbd_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Fri, 19 Mar 2021 22:06:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
current
amazon-tam-match.dotomi.com/match/bounce/ Frame 31C1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://amazon-tam-match.dotomi.com/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=rbd_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:16::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
amazon-tam-match.dotomi.com
:scheme
https
:path
/match/bounce/current?networkId=31082&version=1&rurl=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dcnv.com%26id%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 19 Mar 2021 22:06:25 GMT
cache-control
no-cache, private, max-age=0, no-store
expires
0
pragma
no-cache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 93B4 		8 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Requested by
Host: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/v3/pr?exlist=rbd_cnv_pm-db5&fv=1.0&a=cm&cm3ppd=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
ETag
"1300708-1f78-5b232eb4914bb"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
2654
Content-Type
text/html; charset=UTF-8
Cache-Control
max-age=41476
Expires
Sat, 20 Mar 2021 09:37:41 GMT
Date
Fri, 19 Mar 2021 22:06:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
showad.js
ads.pubmatic.com/AdServer/js/ Frame 75BB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=YES; KCCH=YES; pi=159196:2
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156657&predirect=https%3A%2F%2Faax-eu.amazon-adsystem.com%2Fs%2Fecm3%3Fid%3DPM_UID%26ex%3Dpubmatic.com&userIdMacro=PM_UID

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=36140
Expires
Sat, 20 Mar 2021 08:08:45 GMT
Date
Fri, 19 Mar 2021 22:06:25 GMT
Connection
keep-alive
Vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 787E 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.108.50.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-108-50-124.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:25 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=28060
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9441
Expires
Sat, 20 Mar 2021 05:54:05 GMT
khaos.jpg
token.rubiconproject.com/ Frame 787E 		284 B
921 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://token.rubiconproject.com/khaos.jpg?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
284
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/jpg
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 787E
Redirect Chain
  • https://pixel-eu.rubiconproject.com/exchange/sync.php?p=a9eu
  • https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMGUQOT2-2-A07D&ex=d-rubiconproject.com&status=ok
43 B
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMGUQOT2-2-A07D&ex=d-rubiconproject.com&status=ok
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:25 GMT
Server
Server
Vary
User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://aax-eu.amazon-adsystem.com/s/ecm3?id=KMGUQOT2-2-A07D&ex=d-rubiconproject.com&status=ok
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
de8527bfa1ccfd6c1590da0d3b6cff52
Expires
0
pixel
cm.g.doubleclick.net/ Frame 787E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ&google_tc=
170 B
484 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ&google_tc=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=OThlM2JkYjA4Nzk5MDk5ZGE1ZWE0OTE2MmE1ODhkMmYzMDczMjNhYQ&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
334
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 787E
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=68d56055-2061-4900-84ba-77f03296379b
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=68d56055-2061-4900-84ba-77f03296379b
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

Date
Fri, 19 Mar 2021 22:06:24 GMT
Server
MT3 3611 f10363c master zrh-pixel-x15
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=68d56055-2061-4900-84ba-77f03296379b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Mar 2021 22:06:23 GMT
tap.php
pixel.rubiconproject.com/ Frame 787E
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YFUgYgAAAIxC1SrK
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFUgYgAAAIxC1SrK&_test=YFUgYgAAAIxC1SrK
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFUgYgAAAIxC1SrK&_test=YFUgYgAAAIxC1SrK
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616191586.112209,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YFUgYgAAAIxC1SrK&_test=YFUgYgAAAIxC1SrK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
rubicon
match.adsrvr.org/track/cmf/ Frame 787E 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 787E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMGUQOT2-2-A07D&sigv=1&esig=2~1fad0f8da37ebed9749e4bd6963c93fe34e4730f
0
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMGUQOT2-2-A07D&sigv=1&esig=2~1fad0f8da37ebed9749e4bd6963c93fe34e4730f
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:25 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KMGUQOT2-2-A07D&sigv=1&esig=2~1fad0f8da37ebed9749e4bd6963c93fe34e4730f
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 787E
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm=&google_sc=&google_tc=
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGLceWtXzM6Yu6Jsf_LOv5k&google_cver=1
42 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGLceWtXzM6Yu6Jsf_LOv5k&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEGLceWtXzM6Yu6Jsf_LOv5k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 787E
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE&google_tc=
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE&google_tc=
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFPVDItMi1BMDdE&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
709414.gif
id.rlcdn.com/ Frame 787E 		0
66 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=a9eu&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:25 GMT
via
1.1 google
alt-svc
clear
content-length
0
view
securepubads.g.doubleclick.net/pcs/ Frame F708 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtkR56mDinJftvE-FBN-NnrGZJzQ9r9Rm4GgAJfOb1v0e7qUEIXIhks6Rn6kJp8XZ8DCnCyOv7exMEOMA3eIwaM8dQOBZc3Jtnua2Nit5VkWC8XJaNCKW3shKxvYrzi1QYyrkx_lO2f3aIcnTNntZ-NuiQz918cY8TSHMUxtpMV7nBOBsZPbUWM8v2BOA39JcjqXBb8PhH-PsCUH-eHfpEpP4FyNa7D8fSQxLiuUQm3rejZ6p6Ru3D_aaAm7ibFaoNTIR1_9tSANh-YLmKh-umgALvsGCfs-w1d6r8IgwnWrGghziRLV4lrB0I_fF7gkA2Lcg5Sc1MUQ&sai=AMfl-YSfypxQd0TDUdDyG8sgbKJcx0BscwxbDhlq1CPlFjMpn5LSfkV631dU2Bcosb4qnR2IHrTFSeMV3vt26zeAv54ICi6uAnrRyF-i-6c6TTeJOiyvrfi8FGa_yElWMQhz&sig=Cg0ArKJSzF_bCGltGemzEAE&urlfix=1&adurl=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/AppleInsider/ROS/ Frame F708 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6661d6dc1d39eb18523862313f826916e67f6b32fbb34b124184da4921f5fe49

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14009
cf-request-id
08ee1f9776000016ee1220d000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
44
etag
13854921556770694164
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
632a02058c6716ee-FRA
expires
Fri, 19 Mar 2021 23:06:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F708 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:26 GMT
osd.js
www.googletagservices.com/activeview/js/current/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:26 GMT
displayAd.js
s.tribalfusion.com/ Frame F708 		677 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d534282691b4fc487d5ce2daf030c690f69438fd04f56346da8473a2e07cc018

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
330
cf-request-id
08ee1f983c00004e55a301f000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
218
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
632a0206c8314e55-FRA
expires
Thu, 17 Jun 2021 22:06:26 GMT
j.ad
s.tribalfusion.com/ Frame F708 		421 B
754 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=almneMTFJ12FPpVq7oWTF93d3NQMeG38&a=1&adContainerId=richmedia_2&rnd=11509127
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52ebcb2fd0e6862e1a58e1141685948d809d9b169fb7b44d3dcaf864b83c6cdc

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
291
cf-request-id
08ee1f98f200004e55b0a8d000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
1699
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
632a0207e9d14e55-FRA
expires
0
m7y5t93k
sync-tm.everesttech.net/upi/pid/ Frame BAE2 		85 B
236 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.49 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.3.8.v20160314) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
via
1.1 varnish
server
Jetty(9.3.8.v20160314)
x-timer
S1616191587.678149,VS0,VE90
x-served-by
cache-hhn4073-HHN
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
cache-control
no-cache
accept-ranges
bytes
content-type
image/png
content-length
85
x-cache-hits
0
sync
pixel.advertising.com/ups/55953/ Frame BAE2
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://pixel.advertising.com/ups/55953/sync?uid=660ee4c4-75a3-4143-9af3-35aa638684a1&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=660ee4c4-75a3-4143-9af3-35aa638684a1
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55953/sync?uid=660ee4c4-75a3-4143-9af3-35aa638684a1&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=660ee4c4-75a3-4143-9af3-35aa638684a1
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.153.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:26 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://pixel.advertising.com/ups/55953/sync?uid=660ee4c4-75a3-4143-9af3-35aa638684a1&_origin=1&gdpr=1&gdpr_consent=&piggybackCookie=660ee4c4-75a3-4143-9af3-35aa638684a1
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
369
sync
ups.analytics.yahoo.com/ups/57304/ Frame BAE2
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UP59aab64b-88ff-11eb-862c-06369295f146
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVA1OWFhYjY0Yi04OGZmLTExZWItODYyYy0wNjM2OTI5NWYxNDY%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1&apid=UP59aab64b-88ff-11eb-862c-06369295f146
0
964 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1&apid=UP59aab64b-88ff-11eb-862c-06369295f146
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:26 GMT
Server
ATS/7.1.2.128
Connection
keep-alive
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEASgTO3dmlyGQj167dV1z7Q&google_cver=1&apid=UP59aab64b-88ff-11eb-862c-06369295f146
date
Fri, 19 Mar 2021 22:06:26 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
view
securepubads.g.doubleclick.net/pcs/ Frame 9A20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK2YpazChEQ_DESLttPjtjcCGMA8azo5SRyi28Rg06Jk8LVD3aO7qNoEAwfSs0XwPxG9KCSUHmiY28ekZrQa7wge64uCHjTeN_Ksw9OllWEMQt-iz7VYMiuB4wu5UAJgLZv-h7c_8UCpEMWlBof9GVVUyd5PO2Pr61XLZXXXe6Hzb_edQkNHe4tj98C2K73Rm8HV1R5FAWc44hd6TxZWaIE0mQXxxgyhefGYkCIWdFjynAM77LqEXrz-4pXAsdlK3XlR3jnenzanAta1fxZjgkNBRlJkTQvyn-4SyPHvVFf2JWYmCS3drfHHlRZ_NunN6yLaFX5xufgfZ4kRt6beJ5VA&sai=AMfl-YTacDKWq9-6nE4skTwFME7-ZxuVQMtWlqbC_nMJxG_pkDuRKmZNPbi6y07HySh2_aV-ZYGs6VaS_0U8S_wTBnTQExklUhvYxpE7YikU_AhVN-94HJmbrHeBSSxb-F8e&sig=Cg0ArKJSzLMRDyFHUcqAEAE&urlfix=1&adurl=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:26 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/AppleInsider/ROS/ Frame 9A20 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6661d6dc1d39eb18523862313f826916e67f6b32fbb34b124184da4921f5fe49

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14009
cf-request-id
08ee1f9970000016ee1b142000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
37
etag
13854921556770694164
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
632a0208b8ed16ee-FRA
expires
Fri, 19 Mar 2021 23:06:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9A20 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:26 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame F708 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=728x90&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=almneMTFJ12FPpVq7oWTF93d3NQMeG38&a=1&adContainerId=richmedia_2&rnd=11509127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
10627910760205795077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:26 GMT
truncated
/ Frame F708 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed0bd5970fead47fd26fc0d0047e5cd509c6714132ea7f35bb44f7c27ee52f30

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame F708 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:26 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/ Frame 625D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210316/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210316/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnL1upVaiihkhKeln-YMOtf95jwtL_ugs1vbyvom_s-pNe_czmz4eJAmmsjEeo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 04:26:34 GMT
expires
Fri, 02 Apr 2021 04:26:34 GMT
content-type
text/html; charset=UTF-8
etag
14488317231655078900
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4661
x-xss-protection
0
age
63592
cache-control
public, max-age=1209600
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
displayAd.js
s.tribalfusion.com/ Frame 9A20 		677 B
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c119eb1fefdf0d48b4eddbcb8c30680212e8d59728a0e466d69b8628a7fc2682

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
329
cf-request-id
08ee1f9a2300004e55e6bf9000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
364
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
632a0209dc884e55-FRA
expires
Thu, 17 Jun 2021 22:06:26 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame F708 		12 B
278 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=appleinsider.com&callback=_gfp_s_&client=ca-pub-2892341250670811&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame F708 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame F708 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 477A 		94 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b1f6bfe4f72c20bff3541757537727990fd11d721e8ee3425bdf9fd22c77fcb
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP_Ht-uuve8CFdQAGwodL3UD7A&gqi=YiBVYPuUOc-X-wby25XYCQ&layout=/sadbundle/%24csp%253Der3%24/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUnL1upVaiihkhKeln-YMOtf95jwtL_ugs1vbyvom_s-pNe_czmz4eJAmmsjEeo; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP_Ht-uuve8CFdQAGwodL3UD7A&gqi=YiBVYPuUOc-X-wby25XYCQ&layout=/sadbundle/%24csp%253Der3%24/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Mar 2021 22:06:27 GMT
server
cafe
content-length
34679
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame F708 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:26 GMT
j.ad
s.tribalfusion.com/ Frame 9A20 		423 B
783 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=afmneMS6nvTHJVTrn12bPq1HnCQMeWVP&a=3&adContainerId=richmedia_4&rnd=11510430
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840dda9350b05523e4b89181044ead329a29421b30ebca38812d73ebc9d5b290

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
293
cf-request-id
08ee1f9af200004e55b4231000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
381
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
632a020b1f074e55-FRA
expires
0
view
securepubads.g.doubleclick.net/pcs/ Frame 2118 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvUfjr-8qmhJGUNlH3y_gILVj1iXe7RVIIKzzVa3xovDevtKIqHCzW6yC6YJI9t_jX6y62JMSuM_d9trDNxWQ4K4e5noAdqnB2__SR5QOL0Ol186Tqb5nVovwBlzDi-mfpJ_VWAYq9oZAXgl_FdLeM3IMD_KMn50AfE_VxHiQkZTnmS1VXGlzif25dx4UvYIVLNCwyP8WHs9KdxapB7aKOBoeaDBMpNmj08w2oetnpHTVTBklkmsOpzSbkLAf6a3wo9FkCby8T9fxYHOZDHiHoQ9Z2e83zXfdmnaDe4pScbAH5GC6lFHdrVmTcnkeytusjn031N5sEs9XnVspuaoml-V8g0R4bwqg&sai=AMfl-YR5o7bbqFGrhjuoM6GhvW8ijaCviJ7K5bAkSbXNJHYT5t_agwYrFvD5YJTDs0cywsKbapnsp1O5vBnjdDOFh9uFphlEmcRzJSXR7t1j_eUfrMw9VI5P_g9_W_53X2_p&sig=Cg0ArKJSzKAF-e7xn2KREAE&urlfix=1&adurl=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
tags.js
tags.expo9.exponential.com/tags/AppleInsider/ROS/ Frame 2118 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6661d6dc1d39eb18523862313f826916e67f6b32fbb34b124184da4921f5fe49

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14009
cf-request-id
08ee1f9b07000016ee1b153000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
26
etag
13854921556770694164
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
632a020b3bbe16ee-FRA
expires
Fri, 19 Mar 2021 23:06:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 2118 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 9A20 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=afmneMS6nvTHJVTrn12bPq1HnCQMeWVP&a=3&adContainerId=richmedia_4&rnd=11510430
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
10627910760205795077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:27 GMT
truncated
/ Frame 9A20 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9f94366ef7123559757e28fd3a0163ce8678403548505a768b8557ebd1a0c11

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
displayAd.js
s.tribalfusion.com/ Frame 2118 		678 B
756 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34d7002be9cf6b6e6d901d7c836ddafe1faf456c54ae2601f3b64880ab4e72b7

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
332
cf-request-id
08ee1f9bb800004e55df074000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
96
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
632a020c59534e55-FRA
expires
Thu, 17 Jun 2021 22:06:27 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 9A20 		226 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame B5D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstoUFqExODeq8Wgn0okqRvDJC4sslLuSnXREsQKHp85yDO2bQZ9_wp3NLPm3NBCPeQ8Fq3OvyWHvnzdqtvlmum8nzKosuH2OPk5uyA5kicu3Ed9vS2x17iQ6LyYKy8MRcsMA4Mr7T09wNf1nEfD3vlFqzwpDP64V0o6yBUt5bqNqkyNEGTDfaGE0MZwvn_ESX0yOQi-GVza9GUsCGz8HfhOAPewwB9o1fVaD1z5E75Te5pETJyZynmNvtGta0t3Yowvtg2CanyUuJtRMd-zOFSddzTNR4MpwDLrGnxENvE49ojRSDL2nYZItSt1MHHBfM-BKr6dzYx9srT1gZfXXw&sai=AMfl-YQJoypE8JYrEkIVYAE3YkGl_PsShmHMVbBqvQ6pUNpt_rRZ1f_0wGi2morci8zckUGgWAVvJSmCJ8EpG72Rah60ggWgKIU2bQJhL_uppfggDh28Vr2mDuY6fnVIdEg&sig=Cg0ArKJSzDjbz8aEX1NLEAE&urlfix=1&adurl=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:27 GMT
tags.js
tags.expo9.exponential.com/tags/AppleInsidercomMobile/ROS/ Frame B5D1 		59 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.expo9.exponential.com/tags/AppleInsidercomMobile/ROS/tags.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:417 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eefd3a56fd15759a72dbb2f579e7afd77eae3a881f62533e5454cd24c5b00164

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
14004
cf-request-id
08ee1f9bd0000016eed4335000000001
x-function
151
last-modified
Wed, 29 Jul 2020 11:50:12 GMT
server
cloudflare
x-reuse-index
1
etag
465983014131723928
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=3600, private
cf-ray
632a020c8d0816ee-FRA
expires
Fri, 19 Mar 2021 23:06:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B5D1 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 9A20 		12 B
97 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=appleinsider.com&callback=_gfp_s_&client=ca-pub-2892341250670811&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 9A20 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 9A20 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame A99B 		80 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d538fc0da4c0569e6d9b9f9b6bdcd7753a1e53e4c3a6bd30ae928ff85ef1e87b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
access-control-expose-headers
x-google-amp-ad-validated-version
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Mar 2021 22:06:27 GMT
server
cafe
content-length
13786
x-xss-protection
0
set-cookie
IDE=AHWqTUl7sSD16K_UaLe-_U6OFSgZzbf2cvPX5vSyL60bPTuWqaF29ZscVVY0sMoLVT0; expires=Wed, 13-Apr-2022 22:06:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Mar 2021 22:06:27 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ Frame 9A20 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 477A 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
61
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:05:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 477A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:06:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 477A 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame 477A 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:04:29 GMT
l
www.google.com/ads/measurement/ Frame 477A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaR1yEjePQ8LCDgbkgqj5ITTnSJi2rdzyqGyleEP_fQhue8_i59f5QVzsTXSOfcWLU9c3iPqFreDMwQz_KFCIYImFIHEhA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
728x90_Crypto_CYSEC.html
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/ Frame 8A6C 		356 KB
54 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
237e58d4929062172ba4faa1a73496b655c51f55e5f2f4e3442354555acb18ed
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
access-control-allow-origin
*
content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
date
Thu, 18 Mar 2021 02:11:34 GMT
expires
Fri, 18 Mar 2022 02:11:34 GMT
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
x-content-type-options
nosniff
x-dns-prefetch-control
off
content-encoding
gzip
server
sffe
x-xss-protection
0
content-length
53314
age
158093
cache-control
public, max-age=31536000
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
adview
googleads.g.doubleclick.net/pagead/ Frame 477A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C2Aw4YiBVYP-OOtSBbK_qjeAOr9iD9WHbmduwlA2F3aOn2QIQASCm4vQBYJWKuILIB6AB6tyA0QLIAQmpApQ0LZp_9qk-qAMByANIqgSPAk_QLBv6H6odBtBO0zpJbzcSO2wu9adzs_zDiDLMU2m2yPKwRZGKDWZVlcVvArwGGGWS0Mc6iid6lK6dAO37EISNXiE7zpo-BXn2URcG_wxnpOpP9D09JO-_FG1uX9-qIvI99dbibT8JdTGZRQHHf8NDoPYft30yt4vdiWVx5N-SyRUuMHwV_O82INwVCHvOwh6VEv9m0R4UGBxp1R8NR93-70A4K8JhIRrKOx3VPBwvFOt860qHh9bIKZbmaUBJXIUvq25HKDLdFUlF5mpK3xCP8B7dMohfpT8r3_X65govxpc1udvKv6tdQY1gZlIDK8GPG5zgDI1PmsyxB1gArtYsMokPNtj6JlIeiTq0eiPABNCM2ea6A5IFBAgEGAGSBQQIBRgEoAYugAf-ov-uAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBRDR2tgB0ggJCIDhgBAQARgfgAoByAsB2BMNshcaChgIABIUcHViLTI4OTIzNDEyNTA2NzA4MTE&sigh=Dz3FRl-Semc&template_id=419&tpd=AGWhJmuA5tqilk91ogH7o73YGGqkOCNDiuQocbv02IjnJm2n5g
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Mar 2021 22:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
s
googleads.g.doubleclick.net/pagead/drt/ Frame 8E26 		143 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlaFZn10Ht20cCwEbaM73iymTdN1TN2AQWIU6kE-T1BIM_dtz2mA3WfY4wt9Jw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Mar 2021 21:41:26 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
1501
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_csp
pagead2.googlesyndication.com/pagead/ Frame 477A 		0
433 B 		Other
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CP_Ht-uuve8CFdQAGwodL3UD7A&gqi=YiBVYPuUOc-X-wby25XYCQ&layout=/sadbundle/%24csp%253Der3%24/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 8E26
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
139 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUlaFZn10Ht20cCwEbaM73iymTdN1TN2AQWIU6kE-T1BIM_dtz2mA3WfY4wt9Jw
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Mar 2021 22:06:27 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Fri, 19-Mar-2021 23:06:27 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Mar 2021 22:06:27 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 19 Mar 2021 22:06:27 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 477A 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
153cf98de2d8701822c7f158b379f27a10c6fdc3204e473ef6ec42b80148fa87

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
j.ad
s.tribalfusion.com/ Frame 2118 		423 B
882 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=aQmneMQPJB3tBq1WZbLmdPNSS38QMeLBN&a=5&adContainerId=richmedia_6&rnd=11508579
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsider/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
840dda9350b05523e4b89181044ead329a29421b30ebca38812d73ebc9d5b290

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
293
cf-request-id
08ee1f9c8d00004e55c3828000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
604
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
632a020dabbe4e55-FRA
expires
0
exitapi-impl.js
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 8A6C 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 12:33:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
34382
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3271
x-xss-protection
0
server
cafe
etag
7483759447172721109
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 20 Mar 2021 12:33:25 GMT
addata.js
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 8A6C 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 12:41:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
33873
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8867
x-xss-protection
0
server
cafe
etag
18043545750443934562
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
timing-allow-origin
*
expires
Sat, 20 Mar 2021 12:41:54 GMT
createjs-2015.11.26.min.js
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/libs/ Frame 8A6C 		186 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/libs/createjs-2015.11.26.min.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/728x90_Crypto_CYSEC.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding
gzip
x-content-type-options
nosniff
age
165324
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49532
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Thu, 18 Mar 2021 00:11:03 GMT
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 00:11:03 GMT
b1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/b1.png?1612705245660
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9f11198f0ab7cfd020549a59766b4679b32cc8abda972f04100388e77df1d1b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
184211
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2833
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Wed, 17 Mar 2021 18:56:16 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 18:56:16 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame F708 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuEH4I-oespE8eed6Ev0iUfGiOPA0dJ-KjnfTZCriFRJUArt0mcld7RiJSRsHygNerGqpeVzq2oifpOuDtarV8dYN8UKltdM-SrfOv5IWW6Oa_Ebay_f5nEDh-JsEESVtEoIodk3NXeVLGQH8x-0eIUwwpoM1XFpCjW4Tp-QF_6Gl5T-l-bSBWGrIGdnCTGCLutvDG6V-hXy0tJsyqntwhdo2HpKrTFncq1cWnNYZw8tVhfH2l1vPZY_w32L8z8jnVM24b2iP4zee3Y15d3wjBv172XVk-Vn5O3P-q9x85cBax9UVbw9CirqcIicwlklFTGRMAbHxtPt4cS&sai=AMfl-YTVPr1bAQ3ko9bxHjerF_5XoLj-8EJpwVFmXHbxI1EdGBJ5iITkctey1dQASO9X5HLo8Jg-f5njyK_TE_N5MV-vSoZ25ovv6cOo0OdkykdIJ_yACeJJTlSKhYIj_al-&sig=Cg0ArKJSzBAMU-BPDJgZEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:27 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame F708 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3ef5caae394f3fcd94539da9c82807ea6dbb931f617a93c17644819a4a3bb2dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6580
x-xss-protection
0
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 477A 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=1393785910&adk=515333760&adf=1766241116&pi=t.ma~as.1393785910&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191586803&bpp=19&bdt=667&idt=79&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3Dc126d79272295234-22deadc7d5ba00a1%3AT%3D1616191585%3AS%3DALNI_MYz6GbskdgJ43k2SohTU7mriYA_sg&correlator=6820821975866&frm=23&ife=4&pv=2&ga_vid=460626028.1616191583&ga_sid=1616191587&ga_hid=667748706&ga_fc=1&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=82&biw=1600&bih=1200&isw=728&ish=90&ifk=2276593134&scr_x=0&scr_y=0&eid=42530671%2C21068084%2C44739387&oid=3&pvsid=3351588543320188&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C728%2C90&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.40wh5bdy6rbx&fsb=1&dtd=95
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 21:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
490
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20897
x-xss-protection
0
server
cafe
etag
7857869394883405340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:58:17 GMT
b2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/b2.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ce1ed2e9be8ff9df278edca25d9eb912161fdd5d36e8c9a9fa5394637ffa1455
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
359819
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2775
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Mon, 15 Mar 2021 18:09:28 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Mar 2022 18:09:28 GMT
rum.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame 8A6C 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/rum.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 16:45:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20897
x-xss-protection
0
server
cafe
etag
7857869394883405340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 16:45:50 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 8A6C 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43348
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame F708 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
b3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/b3.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
37e4caae3508151d00a12bf57c48b7b6d430df206af4e3795e7e6c09a7ba2f1b
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
132272
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2794
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Thu, 18 Mar 2021 09:21:55 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 18 Mar 2022 09:21:55 GMT
b4.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/b4.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
40e4ca785fbdd235ed59f15be7fb71c733d8dec51a75b5ff53943466e6376e3e
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
171691
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2785
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Wed, 17 Mar 2021 22:24:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:24:56 GMT
csi
csi.gstatic.com/ Frame 8A6C 		0
54 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmguqq6s&ctx=3&gqid=YiBVYPuUOc-X-wby25XYCQ&qqid=CP_Ht-uuve8CFdQAGwodL3UD7A&met.7=CB8QCBgBMD44hQFAA0gDUANYOGADaBBwOXjhrAOAAcKgA4gByaEWsAEBuAED~CBwQChgBIF4oXjBlOAdoX3BleMYbgAHHGYgBj0SwAQG4AQM~CBwQChgBIF4oXjBnOAloX3BmeIVGgAGjRYgBsLMBsAEBuAED~CB8QChgBIF4oXjBpOAtoX3BneOSDA4AB_IIDiAG20QuwAQG4AQM~CB8QBhgBIIUBKIUBMIwBOAdohgFwjAF46xaAAZEWiAGRFrABAbgBAw~CB8QBhgBIJcBKJcBMJ4BOAdolwFwngF42yGAAdcViAHXFbABAbgBAw~CBgQChgBIJkBKJkBMKEBOAhomQFwoAF4sqUBgAGhowGIAZuvA7ABAbgBAw~CCcQChgBIJkBKJkBMKEBOAc~CB8QBhgBIJ8BKJ8BMKYBOAdonwFwpQF4vBaAAeoViAHqFbABAbgBAw
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 08FA 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16218
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 477A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=reportingobserver&qqid=CP_Ht-uuve8CFdQAGwodL3UD7A&c=0&t=csp-violation&ln=1&cn=0&src=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 477A 		0
331 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmguqq74&ctx=2&gqid=YiBVYPuUOc-X-wby25XYCQ&qqid=CP_Ht-uuve8CFdQAGwodL3UD7A&met.4=fb.cy~cmrload.do~lb.fg~ol.gz~bdt.-l8~bpp.-26~idt.-i~dtd.-2~dt.-2p&met.3=739.fg~736.fm~735.fr_1~740.ft~740.fu~740.fu~738.gz~740.h9~740.hb~740.jo~113.jx_3~112.jw_4&met.1=1.kmguqpn8~6.1~7.1~8.2~9.2~10.y~11.2~12.e~13.cs~14.cv~15.cv~16.fg~17.fg~18.fg~19.gz~20.gz~21.h0~22.dh~23.fn&met.7=CAUQCBgBMM8DOOMEQAFIAVABWCJgAWgOcMwDeJaXAoAB944CiAGZ7AWwAQG4AQM~CBwQChgBINUDKNUDMN0DOAho1gNw3QN4pziAAdA3iAHiiQGwAQG4AQM~CBwQChgBINUDKNUDMN4DOAlo1gNw3QN47QqAAZcKiAHRE7ABAbgBAw~CCoQChgBINUDKNUDMIgEODM~CBwQChgBINUDKNUDMNwDOAdo1gNw3AN4py-AAecuiAGta7ABAbgBAw~CBsQBhgBINYDKNYDMOQDOA8~CB8QBRgBIN0DKN0DMJwEOD5A4ANI4QNQ4QNYlQRg4QNo7gNwlgR44awDgAHCoAOIAcmhFrABAbgBAw~CCEQBBgBIN8DKN8DMIsEOCxo4ANwigR4NbABAbgBAw~CCgQBRgBIOcDKOcDMO8DOAho6ANw7gN43AGAAZEBiAGPAbABAbgBAw~CBwQBRgBIOgDKOgDMOwDOAQ~CBwYASDrAyjrAzC3BDhMQOsDSOsDUOsDWI0EYOsDaI0EcLYEeLEDsAEBuAED~CCgQChgBIPIEKPIEMIwFOBpo8gRwiwV4v6QBgAGhowGIAZuvA7ABAbgBAw
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400f:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/b5.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd0bdd24280f8b22eb04178ebcb13bcd3ca6e8556a8de013645984074fd6519a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
180744
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2761
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Wed, 17 Mar 2021 19:54:03 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 19:54:03 GMT
circuitos.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/circuitos.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aed9fe2b609631c6841e9319489de8c42a054b5e8fb8c39352d27ca8d166943a
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
174242
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20248
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Wed, 17 Mar 2021 21:42:25 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 21:42:25 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 08FA 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43348
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
fondo970.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/fondo970.jpg?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78dbc9cd19dd5259ac28d72cb3d37a550984ea3193f0c8a6d069d21e0431dd3f
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
549143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6319
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Sat, 13 Mar 2021 13:34:04 GMT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 13:34:04 GMT
notebook.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/notebook.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9253810d1bec934a4f882c5f0023d4728b7c4f188face11cef590230d4763eb8
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
549143
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4984
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Sat, 13 Mar 2021 13:34:04 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 13 Mar 2022 13:34:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 2118 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsider&adSpace=ros&center=1&env=display&size=300x250&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=aQmneMQPJB3tBq1WZbLmdPNSS38QMeLBN&a=5&adContainerId=richmedia_6&rnd=11508579
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
10627910760205795077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:27 GMT
truncated
/ Frame 2118 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6870a4e15d2e7022e0be24c3851da9993b67a5176cfe7165e0e7272a68ca133d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
plataformaCOIN.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/ Frame 8A6C 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/12488987712501309954/728x90_Crypto_CYSEC/images/plataformaCOIN.png?1612705245660
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8220d81d935da596097a07d0b0fb1152c7ab8367345ea4e59746890096b07761
Security Headers
Name Value
Content-Security-Policy default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options
nosniff
age
170671
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6260
x-xss-protection
0
last-modified
Sun, 07 Feb 2021 23:39:33 GMT
server
sffe
date
Wed, 17 Mar 2021 22:41:56 GMT
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 22:41:56 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 2118 		226 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:27 GMT
container.html
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame B2F1 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 19 Mar 2021 22:06:25 GMT
expires
Sat, 19 Mar 2022 22:06:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
2
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2118 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ins_no_ifr&sf=true
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ Frame 2118 		12 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=appleinsider.com&callback=_gfp_s_&client=ca-pub-2892341250670811&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame 2118 		107 B
777 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 2118 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D99E 		59 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e0381bf6144d8fc893ff00dc28935e0b600aaae38704b5be266960c520b09036
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUl7sSD16K_UaLe-_U6OFSgZzbf2cvPX5vSyL60bPTuWqaF29ZscVVY0sMoLVT0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Mar 2021 22:06:28 GMT
server
cafe
content-length
23172
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 2118 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012101070013000/ Frame E61E 		185 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
53820
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"ee5348f2de7cdf64"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 11:49:56 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E61E 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4559
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c3a321a15743f406"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 11:49:56 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E61E 		87 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27206
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1f991b6a8daa2b14"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 11:49:56 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E61E 		70 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
384422
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16397
x-xss-protection
0
server
sffe
date
Mon, 15 Mar 2021 11:19:25 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"2ccf127281514232"
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 15 Mar 2022 11:19:25 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E61E 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1376
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"512b909f94eb26fb"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 11:49:56 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E61E 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
209791
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12793
x-xss-protection
0
server
sffe
date
Wed, 17 Mar 2021 11:49:56 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1e3ef417618f7e28"
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 11:49:56 GMT
css
fonts.googleapis.com/ Frame E61E 		1015 B
534 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b07bd6568b3e77539af2d0279bf4f3796424a97efee11a1d53ff702c5ae95373
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 20:32:52 GMT
server
ESF
date
Fri, 19 Mar 2021 22:06:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Mar 2021 22:06:27 GMT
css
fonts.googleapis.com/ Frame E61E 		10 KB
841 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6126f659fda95d8b8e4aa98fa249da5f56d78f108ace1807d18593645e6a3dfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 21:54:36 GMT
server
ESF
date
Fri, 19 Mar 2021 22:06:27 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Mar 2021 22:06:27 GMT
truncated
/ Frame E61E 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb61467facf9663317770c8e7283f8d177fef1029a791a2cc5719264e941a03b

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E61E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
4772
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 20 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E61E 		295 B
389 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
85762
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:17:05 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame E61E 		0
21 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CTvUIYyBVYMDKFcaJlgT7tRP0_6XzYe6nlNCnDd_k2b7IIhABIKbi9AFglYq4gsgHoAG-g4ejA8gBCagDAcgDCKoElQJP0LWJz0tbYwEhTD23eHuNJIbwg9IKv3kDWBd3Q1IbTUPYTWLKVle9p1FzRBegHy7Xz2_Pf_qMrEVK-Vbnf0dw5HoROJw9uHcqEtYRO6UMMBeWxxGhI_0au1exXeZkCtNVmMbRILa24p508NoSwxx9kwnTSOsRsDzePOXIQRMrbm7oIFCZP-3v51nWfw9JNeWw-PfEsm0cp8hYHRfBH4KtCl8jWPV5X2TDK9uAs59wkGrIdALPatKBikaxbgohLhHaOs30nLo5lrpOlezxmq4mmaboEmo18O3n30OISGrAHDmJKkZOCqdmTT9CDGFlH725soUvtg2THFEpdRXVQpCNOB-vJN_DejOlsb7E6Bko8QJQDRQ5wASIornG0gOSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAHqvz4XKgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCxoy_SCAkIgOGAEBABGB-ACgHICwHYEwKIFAKyFxoKGAgAEhRwdWItMjg5MjM0MTI1MDY3MDgxMQ&sigh=Q9TxQBV_v00&template_id=419&tpd=AGWhJmv2yZM23c2j2XgQkTBc2QZo1cJwPFw-ofK8LLUtS4_sBg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Mar 2021 22:06:27 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
9dd183e9c9e49014791a5ff2d40a2bb5.jpg
tpc.googlesyndication.com/sadbundle/9777568179225911899/media/ Frame E61E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9777568179225911899/media/9dd183e9c9e49014791a5ff2d40a2bb5.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cfa4722d859ed9c23c266c38ff695c42c58ab322ac295f71a555c060ddbf3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 08:14:43 GMT
x-content-type-options
nosniff
age
481904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12065
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 13:15:34 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Mar 2022 08:14:43 GMT
c3e704e3884e4071340e10ef3fe53bb4.png
tpc.googlesyndication.com/sadbundle/9777568179225911899/media/ Frame E61E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9777568179225911899/media/c3e704e3884e4071340e10ef3fe53bb4.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcac4d62c8c5688db1aed2bc7461df4e0c8db673fb204efb2bb64ba48a22d79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 08:14:43 GMT
x-content-type-options
nosniff
age
481904
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2368
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 13:15:34 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Mar 2022 08:14:43 GMT
truncated
/ Frame E61E 		325 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
facdac93f2611a381e216862be3c314c5e9a07f741cb91afcc31a67646dfaf96

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/svg+xml
pixel
googleads.g.doubleclick.net/xbbe/ Frame B8C5 		478 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUl7sSD16K_UaLe-_U6OFSgZzbf2cvPX5vSyL60bPTuWqaF29ZscVVY0sMoLVT0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 19 Mar 2021 22:06:27 GMT
server
cafe
cache-control
private
content-length
230
x-xss-protection
0
set-cookie
test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 19 Mar 2021 22:06:27 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B2F1 		39 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
26177f6f8267d81b44f39af5aacbd7aecd500a42d6edf0bde63ffcb8271efd1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19069
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B2F1 		42 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DYnBurMwsPjFzIQEcnKG7KW2EHt31SgLBCBEr4vW9bW5xI83gYyJbzxDJ2l1Az9UuXeVwthITDxduCKfliUus_GYTsE4D4Xh6kG7cQuVBK3WT2hy4
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:27 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B2F1 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:06:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame B2F1 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:27 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame B2F1 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
118
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:04:29 GMT
l
www.google.com/ads/measurement/ Frame B2F1 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQ8mDHxN7sgcgvQ9oQ1McLwJ2G4J2zmwK3lFmx32MSdeh9l6AYWsAFnBVINXHdlJffstpW
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E61E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 19:52:31 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:00 GMT
server
sffe
age
180836
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15816
x-xss-protection
0
expires
Thu, 17 Mar 2022 19:52:31 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v15/ Frame E61E 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v15/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:06:18 GMT
x-content-type-options
nosniff
last-modified
Thu, 05 Nov 2020 22:01:55 GMT
server
sffe
age
25209
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7776
x-xss-protection
0
expires
Sat, 19 Mar 2022 15:06:18 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E61E 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:27:39 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:37 GMT
server
sffe
age
358728
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15872
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:27:39 GMT
KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E61E 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmYUtfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 20:36:02 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:19:17 GMT
server
sffe
age
178225
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15712
x-xss-protection
0
expires
Thu, 17 Mar 2022 20:36:02 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E61E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 22:41:50 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:55 GMT
server
sffe
age
170678
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15784
x-xss-protection
0
expires
Thu, 17 Mar 2022 22:41:50 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E61E 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,900,300,400
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://googleads.g.doubleclick.net
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options
nosniff
last-modified
Wed, 24 Jul 2019 01:18:36 GMT
server
sffe
age
357281
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15736
x-xss-protection
0
expires
Tue, 15 Mar 2022 18:51:47 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame B2F1 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:02:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
222
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8471
x-xss-protection
0
server
cafe
etag
753583566593306265
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:02:46 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/ Frame B2F1 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 21:59:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
414
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3124
x-xss-protection
0
server
cafe
etag
4537136162986801320
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 21:59:34 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B2F1 		0
575 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgCeixhvxercAuUlbPYyEOxPIjX3TTXeuJ1VegFlqrSooN7YTtmn9o9Hzi8Hakmz2X60fmzl4AL2k3o6EunNnbdZhhcjcd92M3DlQ7Kz8QUofzuOqZeeQckD6R6lxyNDHUYmw_rgsgOCvr2ppQ09TZFcbAnKsZf5EfnU1qu0pHzzmYOJ3Bk9SF0HTgUnGNG7xfWqM9UMR-j_2AmlWYCe3mEEwrkzS3zUTcwUN_fMesHA0WX7fgHUcxvW3JOWNVdSujGTN94Wqhd51K5eNMI9xe94Dn9Eckwvd6AjLiO7o5Vpdf-EUXsHv_cu1dIQ2GyRA4QE9QmHDVzOinBVFS3ds8gpTKa16u5TEXT31hIfA04a8wHGsbgD2DDYpuj3R_yU7Z_Y3KWcoUnbojkMD2GKYD60u1zed5sjOJW_0u8oBnB3GMyUspYQDF3PB45721H0xi1sw0fRqJ2QJ7K_E0MQV73R0RXqxfY9zJ6vYQp7a9UXXDAMlUjO5qWeAz50AybmzmvwfmjP6HFIGnNjqc7fzOWUQj3sGUs602VOO8PW4ezbm63wgSokbFGqHvYTtrxyPVyCieTwKyXjxCSXZ_byeHqSYQAGsw2i9iw-6_o575CNifYJ_l9rZ2KI9n9TnQUpBQ70DuVqwqIPQCaEx7nft6rySFjOJ6ZdsA3F2MRcBzQbkgdnJsLYJY582Ggx6_fWu2EbmGnsfv0dczIwRKr9ZveLSljgQFXfdqwnzWjkoOGQUMSwx7THfW2g0GmlA22nALsugYNi05nxL8ni8pHp99mIKUzRsVRk4YeTBevI4M0e21Ps1kWokCJ-XbYegR-vd7BfU0e4gw0CVD7hH0Svt854Am-kCaYGQ0Nm7AH47kRSEHpvbNHk1_QRBgQ77WC7_kJ1Bdo4gkSmAdfJOsNmn8RSKAlu_G4w4B74IP7GYlC6Y9AXh0fA0qAiFsXkWrwBuaQMHE8Syxp5bCMA0F5ocNE_wGN4cH-lXVWvOzPC20hrIHvIl7VHAEckFwNkTMVfnXszy1GEpTNmtGQ_Ho1AJ-xQi92N5A_jKr8cZY7fGy-uf6DudElJ9i4z702dNgbUGF_BEIG9q3W4FR2rLoh4olSHSkU8acYAYLaV5nKnZrk25SGyaFbhACyJXXtD4wDjvDt4xI_yC8fXqrKWamdX7M_Q491FqslnpUSucaf7hg61HEVeU&sai=AMfl-YTmtvzoUML_Jr1WV85IJQ9GGdiXhzocxIIQkCqiy5hzcPaICGRVFfK2adK7pvnVDQMReVtk04zKUgS-sL-ox40KkVioqgVSXi10hlAL5DfE-WbOBU9i8LYNXccU1abvHRfXjlsEYy1NambieKZXqhv_grcf2fkv6_eWgPQJao4s5mSphOet3I-njTlfQtMOpjz3Gagty1MSjs4noH4b6mjbSWhquQV0cVXFWlF8FA&sig=Cg0ArKJSzGopur1YHsX5EAE&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=1&cisv=r20210316.61017&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Fri, 19 Mar 2021 22:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame B2F1 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:55:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22288
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:55:00 GMT
300x250.PNG
s0.2mdn.net/9736901/ Frame B2F1 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/9736901/300x250.PNG
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4535133ea6e5808fcca93c262aed87c8220ddc98677fed0e29ef6b78c872ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 05:56:50 GMT
x-content-type-options
nosniff
last-modified
Mon, 01 Mar 2021 09:49:25 GMT
server
sffe
age
58178
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18385
x-xss-protection
0
expires
Sat, 20 Mar 2021 05:56:50 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9A20 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvDnExJN4Bzvmd8Hv0sSXmo_cS5Dgn4srJ1whkXQXlvtJJAQ5K9QTNhoRFuuUe1F_fs8Bm_8djGWZZEBLxZtgI6X0VGKft0pq3IQisbRZXrdLNAYAWuVV94sLobInIY95hM3CL6kW-dq-h5r0qScdAEpqm2MShh4-SY25uHt-vN_c8b-buh0sFp7mNxG3jQEpMRiXBul-ZZB6znNFqk9_CVwNIaoY9KAdCrHOVG9cBjgETeC0DMN_bfPosUvFH4o290DDiKv7vxvOCbP4znOhCyD8m3pfHgyRoRcmR1mOe7zBT23GDqUSXOAA5E44k1XgQq3A7C6xrrSY8l_WWNwO_oz5GD&sai=AMfl-YTPsALL3KmC4rsm7wMqIbU24xcn5ihxMd3stG1yuzWuYB-0pwbM5P-xxJE3ijSZfnE3EtXmxOpcgO85_N_a1HoIM4W5_WpR1y4E7g8-uMMnmt3H6ji_XaIaCNL8sWYO&sig=Cg0ArKJSzHsYCIKk0rbaEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 9A20 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b33a285ba101f6414c3ab0033391f4c9ea8b8c74fa31272d39c95b806cfb7d42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6468
x-xss-protection
0
container.html
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame F8AE 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 19 Mar 2021 22:06:25 GMT
expires
Sat, 19 Mar 2022 22:06:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
rum.js
securepubads.g.doubleclick.net/pagead/js/ Frame 9A20 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/js/rum.js
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 21:58:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
491
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20897
x-xss-protection
0
server
cafe
etag
7857869394883405340
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:58:17 GMT
container.html
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 3EC9 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-37/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
2973
date
Fri, 19 Mar 2021 22:06:25 GMT
expires
Sat, 19 Mar 2022 22:06:25 GMT
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
3
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 9A20 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E61E 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 20:46:55 GMT
x-content-type-options
nosniff
server
cafe
age
4773
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Sat, 20 Mar 2021 20:46:55 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E61E 		295 B
326 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 18 Mar 2021 22:17:05 GMT
x-content-type-options
nosniff
server
cafe
age
85763
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
content-type
image/png
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:17:05 GMT
9dd183e9c9e49014791a5ff2d40a2bb5.jpg
tpc.googlesyndication.com/sadbundle/9777568179225911899/media/ Frame E61E 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9777568179225911899/media/9dd183e9c9e49014791a5ff2d40a2bb5.jpg
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cfa4722d859ed9c23c266c38ff695c42c58ab322ac295f71a555c060ddbf3f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 08:14:43 GMT
x-content-type-options
nosniff
age
481905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12065
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 13:15:34 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Mar 2022 08:14:43 GMT
c3e704e3884e4071340e10ef3fe53bb4.png
tpc.googlesyndication.com/sadbundle/9777568179225911899/media/ Frame E61E 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/9777568179225911899/media/c3e704e3884e4071340e10ef3fe53bb4.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bcac4d62c8c5688db1aed2bc7461df4e0c8db673fb204efb2bb64ba48a22d79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 14 Mar 2021 08:14:43 GMT
x-content-type-options
nosniff
age
481905
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2368
x-xss-protection
0
last-modified
Thu, 14 Jan 2021 13:15:34 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 14 Mar 2022 08:14:43 GMT
pixel
cm.g.doubleclick.net/ Frame B8C5 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_dbm
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame B8C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1&C=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1&C=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Mar 2021 22:06:28 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1&C=1
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
308
Expires
Fri, 19 Mar 2021 22:06:28 GMT
rum
dsum-sec.casalemedia.com/ Frame B8C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YFUgZCFSqIa9Ji5DHiuxggAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNOuLBComsQBGLvG_J0BMAE&v=APEucNW1Xw_hQEtw18qfwWaAyu6HGxCG5pyXvywrSIfLs3b6Bsdy1mpJihKir4uM_GI42wygkgQTRIC7WpjQs3iDb3_Z5_xbCw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.241 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-241.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Fri, 19 Mar 2021 22:06:28 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB10zvoXA17sL1VMY5rU_1k&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame B2F1 		0
60 B 		Other
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgCeixhvxercAuUlbPYyEOxPIjX3TTXeuJ1VegFlqrSooN7YTtmn9o9Hzi8Hakmz2X60fmzl4AL2k3o6EunNnbdZhhcjcd92M3DlQ7Kz8QUofzuOqZeeQckD6R6lxyNDHUYmw_rgsgOCvr2ppQ09TZFcbAnKsZf5EfnU1qu0pHzzmYOJ3Bk9SF0HTgUnGNG7xfWqM9UMR-j_2AmlWYCe3mEEwrkzS3zUTcwUN_fMesHA0WX7fgHUcxvW3JOWNVdSujGTN94Wqhd51K5eNMI9xe94Dn9Eckwvd6AjLiO7o5Vpdf-EUXsHv_cu1dIQ2GyRA4QE9QmHDVzOinBVFS3ds8gpTKa16u5TEXT31hIfA04a8wHGsbgD2DDYpuj3R_yU7Z_Y3KWcoUnbojkMD2GKYD60u1zed5sjOJW_0u8oBnB3GMyUspYQDF3PB45721H0xi1sw0fRqJ2QJ7K_E0MQV73R0RXqxfY9zJ6vYQp7a9UXXDAMlUjO5qWeAz50AybmzmvwfmjP6HFIGnNjqc7fzOWUQj3sGUs602VOO8PW4ezbm63wgSokbFGqHvYTtrxyPVyCieTwKyXjxCSXZ_byeHqSYQAGsw2i9iw-6_o575CNifYJ_l9rZ2KI9n9TnQUpBQ70DuVqwqIPQCaEx7nft6rySFjOJ6ZdsA3F2MRcBzQbkgdnJsLYJY582Ggx6_fWu2EbmGnsfv0dczIwRKr9ZveLSljgQFXfdqwnzWjkoOGQUMSwx7THfW2g0GmlA22nALsugYNi05nxL8ni8pHp99mIKUzRsVRk4YeTBevI4M0e21Ps1kWokCJ-XbYegR-vd7BfU0e4gw0CVD7hH0Svt854Am-kCaYGQ0Nm7AH47kRSEHpvbNHk1_QRBgQ77WC7_kJ1Bdo4gkSmAdfJOsNmn8RSKAlu_G4w4B74IP7GYlC6Y9AXh0fA0qAiFsXkWrwBuaQMHE8Syxp5bCMA0F5ocNE_wGN4cH-lXVWvOzPC20hrIHvIl7VHAEckFwNkTMVfnXszy1GEpTNmtGQ_Ho1AJ-xQi92N5A_jKr8cZY7fGy-uf6DudElJ9i4z702dNgbUGF_BEIG9q3W4FR2rLoh4olSHSkU8acYAYLaV5nKnZrk25SGyaFbhACyJXXtD4wDjvDt4xI_yC8fXqrKWamdX7M_Q491FqslnpUSucaf7hg61HEVeU&sai=AMfl-YTmtvzoUML_Jr1WV85IJQ9GGdiXhzocxIIQkCqiy5hzcPaICGRVFfK2adK7pvnVDQMReVtk04zKUgS-sL-ox40KkVioqgVSXi10hlAL5DfE-WbOBU9i8LYNXccU1abvHRfXjlsEYy1NambieKZXqhv_grcf2fkv6_eWgPQJao4s5mSphOet3I-njTlfQtMOpjz3Gagty1MSjs4noH4b6mjbSWhquQV0cVXFWlF8FA&sig=Cg0ArKJSzGopur1YHsX5EAE&urlfix=1&omid=0&rm=1&ctpt=101&vt=11&dtpt=100&dett=2&cstd=1&cisv=r20210316.61017&adurl=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AFq3TSXhVAPM0Bv332nwBEVwuSATpSDpaNpJaEIfkVbtA4ND5Zqmgp8GNS2ECmEbG83CwFxBxT0N3FlVjsu_g5pQqS8tHfXyLGpgqUtF_9P2m0fHRbWltVmNnufedV8Xtyinj3SIxrONirOBg7vbl57RO6Mg&dbm_d=AKAmf-CK311pZRKvorVCQXTkMl6pnAYKohMHPXgKqVvYQEFKlnKurZz2ICylShN_a_qhWQyR7KWYDtIneef8Ougx_d8dnk8W43wt57duaHoTnZiKAfhgOvUjG30YpkpOaSERIaTGT0WpstaaI_rZunpy1lfK64B8a1j2kufWn8VvztwdohQmN3qjghmZKHShd4OFoUsqdmSgXKK-AmTMYsRnEMeNOSDHyXimgHeuJTwhzk2n7xMtz9x9VKGGl9E-jc0FYu9DP4eT4TPeYt3vMrb7I-hcEbfCo44P9rCdOhk_lwW1UGr2V-zWkHFCekeHFnyMbWQ8ZvgASnr0EPHRsb5ZqsyYDwwGw__Co2F0eP8ynvmZLl03yRjuPiMtmrhMM7h_E9PxGuDCVKsyFt-In4x428uIG8Dumr7hY9cvziv02_WEKGZ8P6LhA2KkorJxAmu-Foa25ah1Qf2bPIdGUEb52qThaYu1ahcX5kHSsBqpJBEqKO1v3XD0MmX8UXsNPonoq-FQn7PbEATa2UALUsdjb1rvSi6ICVKeGdTrl0tLya_8NRKhiePG2lirllXqTD28cohjb_UmIYmyoYqW-WfISLTLQm3dZqkWqQN83vAIXj_QpQdjlpt2dXs8EnTlsFu7FG5nhemL1MZ0dagDMp4Cb7hASMqHy8H9dpDMjdOrUqAHaENGZTSYUspHFz_4P38L1GpzyoLnlv21UqVWtw2yhMF1C9XAljV1cGFPgqIIwoMGwL8TmnV-XFLcgQjIzqKwjJMBedBUhEMBpcW3n5T0Un8zcHJpuEeAj3M8pzEkDk1qBx9bnTxnIbuwWCTjkf4HP-Zc6Xz-d7iINFwCrxQOjL15AiDO2Qa57ees5AwTgk35ta4yNZjNknK_ZYMKPW2AmVJJjGlDVyBwmayRkSbUE7ge7hDVMUuPBAIuoXWneB4lARg6vxqx7NdcOH-SbxD09OiVkkKjURI49Bj5gzCRXbEm1ksgmHaZt1ZIwBSaMXIPcimXg73f4b438wNdKCQoZsAMwcjK-Xl7s34BdWVn1Q-DrLmNjq4aqvtFggoDh06aYVh83vEzM1T3jeb-odtDtXz2cn8hzEF7R2hxgFTPDzRteVeouALmzw1QOXt43mJlhG-5DQSwz8RT4uN3GwhPWUw4uTXSUeZitkXcPl0ep03CciyQAqe8_hUWxiLJhM5idBdffxdGNrr64mV6ZuJfPqgU-fPZt1Hu6IsW4hvLBmtTBDz_2eTXHnNWo9dQGKoziVP3_CtovcRWK11n31Q-tDblnlCJb8ufLAGnY0X8DurMifARY4-5t6TutflS0H5nvtWbwf8GvGEymColPg1EK4nytq1c9FTo5R02yYVqd0HLQgUsad4zeoMSGbvopMaqLCBI31FoA927-FBHe5fr_fgLcR6VQVaIMkXHhmiU84SW0A3FewRfdLkY-yMAeIJTUsAMIJyu5kgngFg73qSfHnVB9PAmgm3Cf_S4_VjqETED8piCrhbrTn-CX1bvYaRyuXH6pfnmVWOwQilho4HU0AyhYxCLHMSvuvaTFoMcjq_VdNQlCqNoPpl7tiv1qEtrPss-GXxVFT6QsjzX8QdX8hV3s4ccPb1dyV8kbQzM_vffV5eCR2-VWzv5FAgu6T5QukWQNyedDvqgUm4TubTIwMovV1EOXPGJY-YXCLdH15hxPOLszS05mE69W-6dOJaaBQHPlOAqrhBfpOst5T6fLDVjwUQp-B9G1pRH-xUTv2rIW_StJ6oKe7Nbk0FpkhBy1AsEkseweRpKOAgQKunMfFsgonf4bPnFrJWAIv4MjvrbCee_sZqxriUDmpL026AGJPkfwfQ630K2O4JvouNvXksdZR7cfqRc223yc12YLvuV16S-Ag44dn4dK92-v5r4oN4zQk1mV0ZV_f60yihsIuVxWHpZsq7uXFhvQ51WGJOHgWj99DzKDWN6CwsBpMGGqlnmtYutnrFy9algo3eDQZrr21lI2Yq-InFERxj8hcmvKFXQwOuH5eHtAsguidKHOuUHcy_gfsI5GzWvUk67ad2riLT7ECkHhTfB2dPqOLer0hx4cXHZ26uN8TUapDg_KhMppHchid_xMNCOHbJtx-RS5TFd6J_Dr9PP-SUUJhqF5u-TlEC_TtL1B6oroiQkvUvdEeff-qUriAiqyw10ecWN5cFe32SctJWy3-cX77D8GABWm-W1N1FSivQTRx_qFSg7ZOCUCLrASef0MIj1HaOGnle8dRXBk1uGj8aI7k2Uxa2f-M8X7MEMN5Z32ujehhUtXB7CoeIJ59lbzVGBTJ-fjnNYMsh_byL8JduG1Jphk9grnrUItrMJ3Ley2x2JtJEdLG_YvI6vurd7C2ZtS9-ut7My_lJ9Y-rFkO8FczHTSte845GHAHrBPnoNacnHq0aUGUJuLqj0UFi4ZSef2Vs4ubu1_3shgFQtRzx2J31Qp1SOHpeD-PE0K9HTLjUwTr780OpZGVgdIfeTgfLH_Koj8qr7HfE7AdYTmbQiutI4CTIiRdfhPcTsjtUNKTZPPUhEMC1o3gIKt-woxaKHG3FEt8dp_mqPsA7-c7KRayAMZHOtIsBjB4PqHc9Ms8RlgRPr9q73HD9E9gScU7Bi4isv1H2f2OjzcLpdAoNWDeqoXx2hfH7G3nmHNhqdu5Iv251OPpQlXmveYq1VeQOc8MzVvfZF-ykUCMbMW-HVXCDuPLeqnXhwuSBJszbr8jRqmy-clBdlq3Hkl7KxYQi2LDh6R4pB_XhgHLArXrnpcWmmQ6Z3rxpeQPXUpnfngHYWcgv3IJovKR5U7icec6S6Q0eQixABN4R1SKh0RJptf4z0QskXG0HPAA_dRDhbsZt6Mv_ZYqH0q1sLsDWK8KKWp6NRxLNmkDS1CvALEOa1vuUN__r8DC3zdGbeX7iLFqcXWs6hAGQHGUa9EAWWc1vAqsl-no8BVoZ-6R-8L9aIalKLuiiJmwKDjyNa_Sb5vHWH7O-ry9TatsdAvXTJTS5Ny3AepPtVUOvoca3bh2znI5lsPSvjvOBOQUrulp6Huwd_NBrZSzRmvlIfUME3DiS8wNUvhYEg&cid=CAASPeRoc6N06h0Jr-cl7SUHcDfgAeWbu8cxadl2Q3ebGGNpAxcJGSQbv_Dm_Yj19rBGrNN5dcnGvJsYqrWeOsQ&rfl=1%2Chttps%253A%252F%252Fappleinsider.com%252F%240
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Cookie set check.html
biddr.brealtime.com/ Frame 7139 		926 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://biddr.brealtime.com/check.html
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/77432379-1625.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.17.120.107 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Host
biddr.brealtime.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://appleinsider.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

Date
Fri, 19 Mar 2021 22:06:28 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=db2beebbba14247cde4543c7eea16bfba1616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.brealtime.com; HttpOnly; SameSite=Lax
x-amz-id-2
zLK+otkipESBbarT0a8bhlo16ZCN/UFM5DuUEENRZ7spy18q3kPJVJejXa65EihRlHU1l1/jSCA=
x-amz-request-id
22BA75567DC2B50F
Last-Modified
Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status
HIT
Age
4531
Expires
Fri, 19 Mar 2021 22:07:28 GMT
Cache-Control
public, max-age=60
cf-request-id
08ee1f9f7d0000cc4e75371000000001
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
632a02126b44cc4e-ZRH
Content-Encoding
gzip
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dsovrn%26uid%3D%24UID&sovrn_retry=true
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=sovrn&uid=4beddc84a65b6e28533db5d2
0
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=sovrn&uid=4beddc84a65b6e28533db5d2
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
nginx
Location
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=sovrn&uid=4beddc84a65b6e28533db5d2
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dindex_rtb%26uid%3D
  • https://ssum.casalemedia.com/usermatchredir?s=191503&cb=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dindex_rtb%26uid%3D&C=1
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=index_rtb&uid=YFUgZCFSqIa9Ji5DHiuxhAAA%261171
0
138 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=index_rtb&uid=YFUgZCFSqIa9Ji5DHiuxhAAA%261171
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:27 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=index_rtb&uid=YFUgZCFSqIa9Ji5DHiuxhAAA%261171
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
321
Expires
Fri, 19 Mar 2021 22:06:28 GMT
setuid
prebid.a-mo.net/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?ird=1&rd=https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dpubmatic%26uid%3D%23PM_USER_ID
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=pubmatic&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA
0
119 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=pubmatic&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Location
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=pubmatic&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA
Date
Fri, 19 Mar 2021 22:06:28 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
setuid
prebid.a-mo.net/
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid.a-mo.net%2Fsetuid%3FA%3D7bb8c29e-8c89-40e3-8c75-745c86f3d356%26D%3D%26bidder%3Dappnexus%26uid%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fprebid.a-mo.net%252Fsetuid%253FA%253D7bb8c29e-8c89-40e3-8c75-745c86f3d356%2526D%253D%2526bidder%253Dappnexus%2526uid%253D%2524UID
  • https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=appnexus&uid=3127976995046796571
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=appnexus&uid=3127976995046796571
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.140:80
AN-X-Request-Uuid
0629acc4-9791-4068-b6c5-212bf8591e26
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://prebid.a-mo.net/setuid?A=7bb8c29e-8c89-40e3-8c75-745c86f3d356&D=&bidder=appnexus&uid=3127976995046796571
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 3D84 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/Enqz_20U.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
8395
date
Fri, 19 Mar 2021 15:58:30 GMT
expires
Sat, 19 Mar 2022 15:58:30 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
22078
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ Frame F708 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=3351588543320188&bg=!rq2lrenNAAbUo7L91KM7ACkAdvg8Wl0LwctCPjVkN4PiX7kn6SYKwKTQj17HLlR7b1f6tEW2euH5QQIAAAGJUgAAAGJoAQcKAFJDhWTQWjzyn1F8CQBXfUsfetCtvi2jELFN_HEY7S-T_aFPVdUnW4d4R1fqXdAG0JWfJ5McrIs4YZwbntqw3OQivttTwSii-0sCbxevAdP1Yi5bmQHkDcekWZ4JCf4_aECI0J3PxnUXIpV0xv125foZiHpv7UWQyPfaneqkETYDNSnHtW6D-1x4jREQjI_36ljd23q0_vVsVjZi-AMyECKSZM3BF5DX7a27G4p9g2p9k7FA6yW-PcAwtqqRF8CKYJSfy6t_YcHDmU5GnIjrGLxQ-2ibi7A2jj6iw3yzUONXIKWYc-YjXBayUHdEqR5mgjdFP9ijb3n4cHOxwrY3YKhxwNmbFblJqaEGK_S8zX_YsCJwNMYiceP961LQsnYiRZ4iBdmJoaLqJv1EZ92XMOT6nMleu3TwHIsnv5H5DGrTsLlXdlqsAiKQEjRVjJQMmnHa_FBR_xkH9d6zKLvFj7djgpFG4VjYI_7NDzlK07c4dm4P-xIt9xiWlErkPzNU273BcwbIuRTkMIe91Ieen9pxLo7e_g55CkSY6AjJvtGzy79RR-xSQVC5j8JVp2klnMTAfB_5wfncG6IFcrqJ_6WdLvIa7cZjQPsCMV4DahZmAzPCUO9iGVU9rTmloGFOrQa0C1hsgAHeqXspgMLsKObun2RoTe9bAtBNXRL4ZlqAv3nYtuw8HtniMZlRNwsSN87fNWY-M4Mj1l9UA9cxsJuX3n4fJ27dNhGZQZS2fp-7SbkkDASuCK-pBQ
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame B2F1 		219 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0defd578dff86cd848a54aced67da9fa9345d7fdb8111c472c9992b24da3d72

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
displayAd.js
s.tribalfusion.com/ Frame B5D1 		677 B
923 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/displayAd.js?dver=0.8&th=8645007496
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsidercomMobile/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee09ed289051de96284c56db9ad4ca6f0325707cca78f4b0c3c0daca8b666643

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
329
cf-request-id
08ee1f9fbd00004e559503f000000001
x-function
153
last-modified
Tue, 04 Apr 2017 05:09:56 GMT
server
cloudflare
x-reuse-index
898
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
private
cf-ray
632a0212cbb74e55-FRA
expires
Thu, 17 Jun 2021 22:06:28 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 1863 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16219
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
csi
csi.gstatic.com/ Frame 9A20 		0
318 B 		Other
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kmguqqpg&chm=1&ctx=2&qqid=CJq80Oquve8CFY2fdwod5zEPUQ&met.4=fb.2~lb.g3~ol.13y~idt.-e~dt.-14h&met.3=739.g3~740.g7~740.g7~740.g8&met.1=1.kmguqpgr~14.0~15.0~16.0~17.0~18.0~19.0~20.13u~21.13y~22.g6~23.g6&met.7=CCIQBBgBIAIoAjA_ODxoA3A-eBuwAQG4AQM~CBsQCiADOLAB~CCoQChgBIAMoAzBmOGM~CBsQCiC2ATjMAQ~CBsQCiCFAziqAQ~CAEQChgBIK8EKK8EMMgEOBlosARwxQR4xIYDgAG7hQOIAdLXCLABAbgBAw~CBwQChgBINQEKNQEMJAFODxo1ARw-wR4raQFgAHlowWIAf6NDrABAbgBAw~CBsQChgBIJkFKJkFMNQFODxomgVw0wV4YYABIIgBDLABAbgBAw~CC8QBxgBIJkFKJkFMKkFOBBomgVwqQV4pQGAAWSIAWuwAQG4AQM~CC8QBxgBIJkFKJkFMKgFOA9omgVwqAV4pQGAAWSIAWuwAQG4AQM~CAUQBRgBIJ4FKJ4FMLAIOJIDaJ4FcK0IeM1ugAHaa4gB5vwEsAEBuAED~CCoQChgBIJ8FKJ8FMMoFOCw~CCIQBBgBIJ0LKJ0LMNoLOD1onwtw2gt4rwGwAQG4AQM~CCcQDRgBIJ4LKJ4LMLELOBNonwtwsQt49zKAAcQyiAG4QrABAbgBAw~CCgQChgBIMcLKMcLMOILOBtoyAtw4Qt4zKMBgAGhowGIAZuvA7ABAbgBAw~CCcQChgBINALKNALMPoLOCo
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400f:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-37/js/ Frame 3EC9 		24 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-37/js/ext.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 15:57:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
22110
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7485
x-xss-protection
0
last-modified
Thu, 21 Nov 2019 16:01:11 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Mar 2022 15:57:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame 3EC9 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
10627910760205795077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:28 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 3EC9 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
css
fonts.googleapis.com/ Frame F8AE 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 19 Mar 2021 20:36:29 GMT
server
ESF
date
Fri, 19 Mar 2021 22:06:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 19 Mar 2021 22:06:28 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F8AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:02:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
891
x-xss-protection
0
server
cafe
etag
8551179781376740118
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:02:18 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame F8AE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CbmW8YyBVYLjPL9WMjuwP0puMeLDKorhgj_DLw9cMZBABIMXSz3xg9ZXOgeAEoAH_-ZXPAsgBCakC0uj9-wYGsj7gAgCoAwHIA5sEqgS2Ak_QIAIe5WqTgy-JKo-uVyoeaAjdzYQu2jk6o4jDOPiOXZ9sdA3yRGieesDpjgS1-mqVh8t-9IdQHe22PJ5PrEm3ilUTbJQxUgUDMVlUWMkHRKm51eEk-CAYCMIJzg91L7gtxoydpagRg53ZGfMXQ1W4P5mOdsSF-5-sdIDUTMNTNKMU5Jnq1gRYxjXxGRnyDoDVsblioSyz-aSaDUTAwXxs2QjnbK47g1vArN6u2owsIgypqtu6CUxZrIsda1vyESN3J1lO3n62gONYxiR2RqqXcpP3DODRAQA3X060duckr_PR8VQSGliMI7nOcOcx_LfEpsCLuzfG4VGAastAWaGFvicKTWkaz0Sm-I--nG20cdRuRoIcH-VeYt7lSd8bNdAiWfLXGD4BOC7nxj76DNdvAEF1R9LABKOU27eoA-AEAZIFBAgEGAGSBQQIBRgEoAYugAfpheqwAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBC_rALSCAkIgOGAQBABGB2ACgPICwGYDKW_x6qoA9gTDrIXGgoYCAASFHB1Yi05MTExMTc1NjEwNDA5MDE1&sigh=IS6TDbTN30c&template_id=515&tpd=AGWhJmvqcFhNk2yU2TCZrLiVYUB2MBcjk6BVQCYA3qNLA_D1Pg
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame F8AE 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:05:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F8AE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:06:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F8AE 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame F8AE 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:04:29 GMT
l
www.google.com/ads/measurement/ Frame F8AE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQBR0YvnCpe-zQJaC4AoacMgDehg1u1_-N-foSmhRchcu3HkVKyFC6oKbpPZTW6CBqmq4_s
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
0d892f21276454e9a338c8a4ad11a214.js
www.gstatic.com/mysidia/ Frame F8AE 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/0d892f21276454e9a338c8a4ad11a214.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 23:03:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 18 Mar 2021 22:34:48 GMT
server
sffe
age
82988
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7776000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10348
x-xss-protection
0
expires
Wed, 16 Jun 2021 23:03:20 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 3EC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssVAFDXMfqfDTNQVT4J4fyoBspS8e6JcUnwEuXU7uZT5cWxgeKI8l803T95smXnFvtFy0oRXuVf6eYK4KJxTRNrMHGkoxxQASlpdQ_tn4GkGn6Iu-yWJFBXw2C5K4fTljHlZBhQgro5KwmRu480LWrVs8m-6TDDXQxpJcL3RYyDVHBgDUsH6s2jjnqEAXik-798d8ls939xNY453F9S2HLBSftSPIofUZTl10rp_6hH_4SopEzAkS76PrJpsC6ISJRPYqtbiZIqxcu1GAkhtR2LtOWPiv81XuILrX1WLQzfLWZ_5qvu9joNCr0_ieZko-HJ_w9Y&sai=AMfl-YROsibmTW9FNbkwxmDphrGihFqw1LqCdgKzaxddmQldKaH7L8hCpwTI6U8wwA495lJRARusw_h--TeXWWqBB7pnWlCTEDBaLfortgM8zMvi0ZZFamZARukz9kHljwE&sig=Cg0ArKJSzC0oPzjK2bvqEAE&urlfix=1&adurl=
Requested by
Host: 7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
URL: https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 3D84 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame 3EC9 		226 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:28 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 477A 		42 B
69 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssaXfysi7IT9Di0A3WIFq_9SLcpDT6KiQ6i1rZkj4KttFreyC599cbGd9764ldO2mWPGCGFptdEV6-3ATiIoGJqK94JCHKEZ5U75-GibENM3hzGQBJoFddBKw4RjQ&sai=AMfl-YTm64JRpQ8Uh2FDyd8dapYiJiy0W24zEnPMzJokgDlq2lZkgtoywhMwvF9r12ln6aGt5sJHu4mE5xj1zeQ-GEE7IS42_H638WIZgYLRCzSz5ycI5jL5jG4_5WJQ&sig=Cg0ArKJSzB48N80PxvD6EAE&cid=CAASF-Ro2mhEWU0qCIn6xwq-8JwcufiwLjdB&id=osdim&mcvt=1017&p=0,0,90,728&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20210317&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=515333760&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616191586902&dlt=461&rpt=51&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
j.ad
s.tribalfusion.com/ Frame B5D1 		5 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Requested by
Host: tags.expo9.exponential.com
URL: https://tags.expo9.exponential.com/tags/AppleInsidercomMobile/ROS/tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c7a760f8ea5ef5075d96014853297393af02e312a4c61c53ac005136c819283

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
p3p
CP="NOI DEVo TAIa OUR BUS"
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2126
cf-request-id
08ee1fa08700004e55ac964000000001
pragma
no-cache
x-function
101
server
cloudflare
x-reuse-index
105
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
cache-control
private, no-cache, no-store, proxy-revalidate
cf-ray
632a02140ddb4e55-FRA
expires
0
15620381607370009730
tpc.googlesyndication.com/simgad/ Frame D99E 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15620381607370009730?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qkRA2uQ2fgckj0olNWVrqLEh4OxZg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84e9bce65c4414c9570abb9e2ebcc04eb5c0a5dafbde5887f50458298d3dac03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 18 Mar 2021 00:05:15 GMT
x-content-type-options
nosniff
last-modified
Wed, 23 Dec 2020 10:42:47 GMT
server
sffe
age
165673
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28225
x-xss-protection
0
expires
Fri, 18 Mar 2022 00:05:15 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/ Frame D99E 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:05:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
62
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7120
x-xss-protection
0
server
cafe
etag
15132876316592709121
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:05:26 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame D99E 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1303
x-xss-protection
0
server
cafe
etag
14729628269804859526
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:06:20 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D99E 		117 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980836519751"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36389
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame D99E 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:04:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
119
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5991
x-xss-protection
0
server
cafe
etag
8832118191516519848
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 22:04:29 GMT
l
www.google.com/ads/measurement/ Frame D99E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS0qKbazJBxExHmjOP2tpRKvI7qeqaJDb8B3xaidaq3IGPUtlwWCyfmiwsBwIg-md2hzgIoh6Ra-JP0TyHywGinJqiapg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/ Frame D99E 		25 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210316/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 18:01:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
14705
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10816
x-xss-protection
0
server
cafe
etag
5325187549321947876
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 02 Apr 2021 18:01:23 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame D99E 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgU-lYyBVYLmbN8HObtm8tOgOv-2i72H0yqGLiA2sh6mdgB4QASCm4vQBYJWKuILIB6ABh6Kp3ALIAQKoAwHIA8kEqgSNAk_QG4oImKrp9jrQT4qPMt5_u3xS0AYrT52BRUizPMZv-AbpmDJ-I8-hQyq1ZP9xfzgd8WhLvmI6pTKK7192BcfGp3CG3Zx7vAE4YUZPK2emn4WXtXVnKTbe1ahc0tTLKVXU1XxD3uTpVc-3sjuDWNNxRDC83YWLtu6SLzmM7FMvSGozwb25k1KXdDNpJjRjLlf8FUDRRkJ_EiSeY-lQKwEjuPt6e96SpSlNppCM3UOwOfQwUiLLq-8MWcWo6IP9y6B8aJXk1xti_HAczupZhMyvBZNo4GBWNKCGofZRqxxiMREEcg6I2bJgqDx9FO5eS_HuPXlCRl8oRgZ2FrIjHUOkcabOAvZGahdNMXBkwASfx6HrowOSBQQIBBgBkgUECAUYBKAGAoAH2P343QGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQ39Yu0ggJCIDhgBAQARgfgAoByAsB2BMMshcaChgIABIUcHViLTI4OTIzNDEyNTA2NzA4MTE&sigh=s1NoHKWPy3g&tpd=AGWhJmsFFJhCTlaoikefJmhFJ2Y2IjON1GNYBFq6DO-F6cON4Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 19 Mar 2021 22:06:28 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 1863 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
integrator.js
adservice.google.de/adsid/ Frame 3EC9 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame 3EC9 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B46E 		399 B
247 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=7494819475&adk=4001829064&adf=776186316&pi=t.ma~as.7494819475&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2F&ea=0&flash=0&wgl=1&dt=1616191588413&bpp=3&bdt=194&idt=123&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5405335395555&frm=24&ife=3&pv=2&ga_vid=1896391357.1616191589&ga_sid=1616191589&ga_hid=190411898&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3941273990&scr_x=-12245933&scr_y=-12245933&eid=31060287%2C44739387&oid=3&pvsid=1421703291686607&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=1.344kf6xhzfdo&fsb=1&dtd=137
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bbdd41d6d0842c77e915bb82eaf0ccc343538e010238fdfe0e0bcbcfa840e988
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2892341250670811&output=html&h=90&slotname=7494819475&adk=4001829064&adf=776186316&pi=t.ma~as.7494819475&w=728&psa=0&format=728x90&url=https%3A%2F%2Fappleinsider.com%2F&ea=0&flash=0&wgl=1&dt=1616191588413&bpp=3&bdt=194&idt=123&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&correlator=5405335395555&frm=24&ife=3&pv=2&ga_vid=1896391357.1616191589&ga_sid=1616191589&ga_hid=190411898&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=-12245933&bih=-12245933&isw=0&ish=0&ifk=3941273990&scr_x=-12245933&scr_y=-12245933&eid=31060287%2C44739387&oid=3&pvsid=1421703291686607&rx=0&eae=2&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CE%7C&abl=CS&pfx=0&fu=8192&bc=31&ifi=1&uci=1.344kf6xhzfdo&fsb=1&dtd=137
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUl7sSD16K_UaLe-_U6OFSgZzbf2cvPX5vSyL60bPTuWqaF29ZscVVY0sMoLVT0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Mar 2021 22:06:29 GMT
server
cafe
content-length
200
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame 3EC9 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 35B3 		1 KB
854 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
pagead2.googlesyndication.com
:scheme
https
:path
/pagead/s/cookie_push_onload.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Fri, 19 Mar 2021 03:14:09 GMT
expires
Sat, 20 Mar 2021 03:14:09 GMT
content-type
text/html; charset=UTF-8
etag
48472445140208031
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
724
x-xss-protection
0
age
67939
cache-control
public, max-age=86400
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
activeview
pagead2.googlesyndication.com/pcs/ Frame F708 		42 B
66 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssWWdOmx8eeO29vWk0VJHLXbpQ9zAb4nLq-uY741yzrFGXeqnkgxcOoPPTf1TV4V6TZxRCYJNYLNd8TJCRTSxfUWfppiQQt3TZj-PvEJaU&sig=Cg0ArKJSzBsf01zWyz9CEAE&id=osdim&mcvt=1040&p=82,436,176,1164&mtos=0,1040,1040,1040,1040&tos=0,1040,0,0,0&v=20210317&bin=7&avms=nio&bs=1600,1200&mc=0.96&app=0&itpl=19&adk=405679607&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616191586141&dlt=0&rpt=646&isd=0&msd=0&r=v&uup=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame D99E 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
15598aea972a7707b479b9b8ac8a207e7423daf56e8d81fb67573008ada1cf9e

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
showad.js
ads.pubmatic.com/AdServer/js/ Frame 75BB 		37 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/showad.js
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e

Request headers

Host
ads.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
same-origin
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/AdServer/js/showad.js
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KTPCACOOKIE=true; KADUSERCOOKIE=81219A30-5BB3-4F24-BC35-55283A34ABDA; repi=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/AdServer/js/showad.js

Response headers

Last-Modified
Wed, 21 Oct 2020 18:57:52 GMT
ETag
"13006b6-94f8-5b232eca8cf5e"
Server
Apache/2.2.15 (CentOS)
Accept-Ranges
bytes
Content-Encoding
gzip
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
13837
Content-Type
text/html; charset=UTF-8
Cache-Control
public, max-age=36137
Expires
Sat, 20 Mar 2021 08:08:45 GMT
Date
Fri, 19 Mar 2021 22:06:28 GMT
Connection
keep-alive
Vary
Accept-Encoding
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ Frame B5D1 		139 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49851
x-xss-protection
0
server
cafe
etag
10627910760205795077
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:28 GMT
p.media
s.tribalfusion.com/ Frame 9645 		199 B
302 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbyYdfrTmfw4snY0FvZbT6Tw4A3hQmBB4WYy1tnDnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP2betVabtVEYjSTJKQVjCQUAvRW79Wsr25FPqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXEnn4Efc5E7XmaMHXUJaWt7TomrZbpsQwmHfJ5EZbg0WiFNivxas&mediaDataID=7665496&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cb6259531180fe2e9301486176fda90fcc862e04ce47e525ef23b556e7783677

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aJmTR8ScUsStZbyYdfrTmfw4snY0FvZbT6Tw4A3hQmBB4WYy1tnDnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP2betVabtVEYjSTJKQVjCQUAvRW79Wsr25FPqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXEnn4Efc5E7XmaMHXUJaWt7TomrZbpsQwmHfJ5EZbg0WiFNivxas&mediaDataID=7665496&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1642
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16400004e55b429e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02156fc34e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame B4D5 		300 B
355 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbk4EUYnTFB1r7hTtrSmPQBnVnvpWUC5EY82WAM5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcVAU1QTj5QsnsSt3wYtFuWA3p2cB0XbMLUPPr2PQePPMA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM05bEuWajoTTMlPqZbZcRVjZdQUupRt79VsvR2rytoWep0EXp4dbZdSGrHYPUywWr4wr&mediaDataID=6807466&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0acb459554350c07d3a53593364def0548abeeb66090906c65348c85ccfe4e73

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aKmTR81E3t3TZbk4EUYnTFB1r7hTtrSmPQBnVnvpWUC5EY82WAM5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcVAU1QTj5QsnsSt3wYtFuWA3p2cB0XbMLUPPr2PQePPMA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM05bEuWajoTTMlPqZbZcRVjZdQUupRt79VsvR2rytoWep0EXp4dbZdSGrHYPUywWr4wr&mediaDataID=6807466&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
552
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16500004e55b0b1b000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02156fc44e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 1279 		371 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaOXaum3tYESG7Zd5PvEotXmUdfcXUvc1UZb7XqitRbJEWFJYVdYWnrbqQFMmYTvs3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQZcVAms26QaRPZbK4WZbOXWBLsHAJuhWfuJ&mediaDataID=6546596&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
447765f6779c5a5fcba99af3ee04bf05044848693b782acd7e23993480a2afad

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaOXaum3tYESG7Zd5PvEotXmUdfcXUvc1UZb7XqitRbJEWFJYVdYWnrbqQFMmYTvs3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQZcVAms26QaRPZbK4WZbOXWBLsHAJuhWfuJ&mediaDataID=6546596&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
2087
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16500004e55ef10e000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02156fc64e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame C296 		228 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=ammTR82avYoTbCYbJgTtfQoA3CncnrotQJ3T382dZar3AjFmUUHXVfVXVM10sfvpTj25F3VVFnHUPf4PTrQPcvoPd3x1dFnT6jy4sMUYrrDT6ir46nhQPfF4WQO0dBKnHPu36Y03cM7VcUjVsjeRAvvWdQQWbf03bZaoVqjpTTQlQEBZcQVbCQUZawRtv6VsbU4r6qnHeo0EqO4WvDSsFZa2mJHmdXtStZbPxQv3LB&mediaDataID=6680176&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c44a3cee011134392959ed4be1308045816649fa1d50207010d9ff40f9b2eb04

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=ammTR82avYoTbCYbJgTtfQoA3CncnrotQJ3T382dZar3AjFmUUHXVfVXVM10sfvpTj25F3VVFnHUPf4PTrQPcvoPd3x1dFnT6jy4sMUYrrDT6ir46nhQPfF4WQO0dBKnHPu36Y03cM7VcUjVsjeRAvvWdQQWbf03bZaoVqjpTTQlQEBZcQVbCQUZawRtv6VsbU4r6qnHeo0EqO4WvDSsFZa2mJHmdXtStZbPxQv3LB&mediaDataID=6680176&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1055
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16600004e55e3b54000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fc74e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 0481 		322 B
371 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdQVbZd56rZamdZaOUt7eXrf8Xb7k0TaqPb3ZdWFYYVtJ4obYnPFbNXEnp4E3g4q30oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQbRP7G4dQpXdnApd2o36BRXVnQMwmBGb&mediaDataID=5436426&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d19093d19c9677180f389c262f19fc816f3536a42628ecdf3c0b5fce17caae6c

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdQVbZd56rZamdZaOUt7eXrf8Xb7k0TaqPb3ZdWFYYVtJ4obYnPFbNXEnp4E3g4q30oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQbRP7G4dQpXdnApd2o36BRXVnQMwmBGb&mediaDataID=5436426&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
152
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16700004e55920eb000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fc84e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 3444 		307 B
361 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aomTR8T6Mu4sY20F3ZdT6Xp2PB8QABA3drO0HQDmt6v36U04V3fTsJ7VVFlR6UwWdQ5Wbb03b2nUabpVEYlPTrKRGYZaPbEsPHf9UVY55bXxmtqmXqqy3WnASGfZa4AJZboHTsVWJe0rvb1UF91qatRrrGWUU5Td33mrBnQUrq1E3y5EUl2aURoa7A1bjaTdMRmmfZcmcMtmtrF5qQj5HAN3AvGprbZd5cr7qvEEXG&mediaDataID=8039566&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a19eee4cfdca0add988805524f0c339406fba42291d46982b03933fb65fbe97d

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aomTR8T6Mu4sY20F3ZdT6Xp2PB8QABA3drO0HQDmt6v36U04V3fTsJ7VVFlR6UwWdQ5Wbb03b2nUabpVEYlPTrKRGYZaPbEsPHf9UVY55bXxmtqmXqqy3WnASGfZa4AJZboHTsVWJe0rvb1UF91qatRrrGWUU5Td33mrBnQUrq1E3y5EUl2aURoa7A1bjaTdMRmmfZcmcMtmtrF5qQj5HAN3AvGprbZd5cr7qvEEXG&mediaDataID=8039566&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
486
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16700004e55c7858000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fca4e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 903C 		240 B
454 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er73d6M4PFZbprnHYcYYYsF01sBynafW5UQ4TUfEWA73RTj1Qs3MPt7w0dnsVmYM4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTqN4WvDSsfA2AvHmdXyVWQ65FrUNDGvdB&mediaDataID=4056396&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35935208cd992c0ffa52a07a5e5c4df5c02a09a3c42d46e545b7db01927249b9

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er73d6M4PFZbprnHYcYYYsF01sBynafW5UQ4TUfEWA73RTj1Qs3MPt7w0dnsVmYM4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTqN4WvDSsfA2AvHmdXyVWQ65FrUNDGvdB&mediaDataID=4056396&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
876
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16800004e55c13ea000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fcb4e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 7B9D 		257 B
336 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=aqmTR8PHvdUVMU4bTvnHys0quu3WQDSsZbZa46YEptatVWFeYFYjYFYl1TZamRUYEWUUQTdQ3mrQoRFMqYTUy4T7h5qf2mEBF1r3cWHBXn6QBnV7poHMA3TYk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp2Vn5XUMLUPim46ZbdQA7H4dQpXd3ZapWio36BY3sj7SGUVxZdZa7Bp&mediaDataID=2713736&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04b953285b103f08ba891095d67355a7f0e583f36d29270f23f82fe64ecfd241

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=aqmTR8PHvdUVMU4bTvnHys0quu3WQDSsZbZa46YEptatVWFeYFYjYFYl1TZamRUYEWUUQTdQ3mrQoRFMqYTUy4T7h5qf2mEBF1r3cWHBXn6QBnV7poHMA3TYk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp2Vn5XUMLUPim46ZbdQA7H4dQpXd3ZapWio36BY3sj7SGUVxZdZa7Bp&mediaDataID=2713736&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1864
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16a00004e5509226000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fd14e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
p.media
s.tribalfusion.com/ Frame 7FFC 		277 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/p.media?clickID=armTR84sY40UULUPqr2AY7R6rD3dMt1WvAntZan4mMR3svfUGvkWsMkS6MOUWUTWrfR5rEoWqjmTEBbQEQFRVbZbQbmtRW36UVjP2F2xnHZaOXaey3WfGQcvD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJI1bZbcWtnQn6fLns7rpdrE5qQj5Hio3mJGprbE0GfQ4GYjrMIHmg&mediaDataID=9148826&mediaName=frame.html
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/j.ad?flashVer=0&ver=1.28&th=8645007496&tagKey=3706711333&site=appleinsidercommobile&adSpace=ros&center=1&env=display&size=320x50&busted=1&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&f=1&p=11506901&tKey=atmneMVcQT5bimnduqYqaOPTvqQMex81&a=7&adContainerId=richmedia_8&rnd=11515206
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2d8a3709607ba099cca5f17196a94cf188ba8e97e5e5b1162831292658fad7a

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/p.media?clickID=armTR84sY40UULUPqr2AY7R6rD3dMt1WvAntZan4mMR3svfUGvkWsMkS6MOUWUTWrfR5rEoWqjmTEBbQEQFRVbZbQbmtRW36UVjP2F2xnHZaOXaey3WfGQcvD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJI1bZbcWtnQn6fLns7rpdrE5qQj5Hio3mJGprbE0GfQ4GYjrMIHmg&mediaDataID=9148826&mediaName=frame.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=asnteZbxZduBxRApTMrwFd5EKqUqXuR9iWGRupZanZbGoxZbUZbjVZbejPjH71cnBHi0xYHbvXmOYtWp73j7LfTjZcSHJLnDvI6cZaIXo
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
content-type
text/html; charset=utf-8
set-cookie
__cfduid=d1098895515c26b612a994ff0b58904f01616191588; expires=Sun, 18-Apr-21 22:06:28 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
102
x-reuse-index
1389
pragma
no-cache
cache-control
private, no-cache, no-store, proxy-revalidate
vary
Accept-Encoding
expires
0
cf-cache-status
DYNAMIC
cf-request-id
08ee1fa16900004e55d987f000000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
632a02157fd64e55-FRA
content-encoding
gzip
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
dpixel
cms.quantserve.com/ Frame 35B3 		35 B
462 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEJi4wKMZVRJcbFAtYIDs-Eo&google_cver=1&google_push=AQvitUJdNioOfY9OKjfTytIdr7vUUe3bIhKfUN_PMSoYbRsaeXYtDa0vyhyCnhQOh9azUOwEDUwF-HjWYwq5ii8ZN4rjN6oO9UDKug
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35B3
Redirect Chain
  • https://d.agkn.com/pixel/2175/?google_gid=CAESEIyjXgbzsGZHMOJjBc3YVP8&google_cver=1&google_push=AQvitUIUmFtBOAfEHgPXrkFXLU7nT73Mei8eSKbbyBJ5AEaleu2z9iyoYd2nS8vOrf_6LfFGPfD7jPSTM_aR3aCwng6SGm0DESnkcg
  • https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VJeWpYZ2J6c0daSE1PSmpCYzNZVlA4
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VJeWpYZ2J6c0daSE1PSmpCYzNZVlA4
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:28 GMT
Server
Apache-Coyote/1.1
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=akneustar_dmp&google_cm&google_hm=Q0FFU0VJeWpYZ2J6c0daSE1PSmpCYzNZVlA4
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Sat, 01 Jan 2000 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35B3
Redirect Chain
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIzeXPj...
  • https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAQvitUIzeXPj...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhC...
  • https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhC...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A&google_tc=
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMTAzMTkyMjA2MzE1Njk3ODIxNDQ2NDE1MQ%3D%3D&google_push=AQvitUIzeXPjYxawsOXh_gUAESrwH8naSm-x7N6molNZrlOQFBy4maLFU2_q_mQweWnFhCJIRwtjIcc7StLbxjZ_70Hqmlnn5GCC7A&google_tc=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
449
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 35B3 		43 B
606 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEIj7Yqg-WSMlzxto71Tp0D8&google_push=AQvitUKpi-GxZsX4AWoelXTARQmX0O7tzjWUgoZYj7zJw8cEFZTYNSsqgA-4d3f-_ZTEODv0JPer-5icJi5W6at5p_4O_CYjGs6rMg&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
clear
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 35B3
Redirect Chain
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMgfRGQh1EeEKDE4hkzhUIVAda_3bJIAWkk-33Kkug7ClizspBkjmlu40DUZfZFDYOl3W88EMLFFDOPIyfzfwQUzZe5dD5XQ
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AQvitUIMgfRGQh1EeEKDE4hkzhUIVAda_3bJIAWkk-33Kkug7ClizspBkjmlu40DUZfZFDYOl3W88EMLFFDOPIyfzfwQUzZe5dD5XQ
Date
Fri, 19 Mar 2021 22:06:27 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length
0
Content-Type
text/html; charset=UTF-8
pixel
cm.g.doubleclick.net/ Frame 35B3
Redirect Chain
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEF_StH2kqKvYQTuPHi43fmk&google_cver=1&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzM...
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFSM04tVi0yQ0lS&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzMxxzvuFUhm90cxCj8oecoxEKbRPA
170 B
190 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFSM04tVi0yQ0lS&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzMxxzvuFUhm90cxCj8oecoxEKbRPA
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S01HVVFSM04tVi0yQ0lS&google_push=AQvitUKmilY49usroyl5RFIsTTJR1B1wo1meflMsnPL5frNaAthEuC3aWjnQ7heBgaaHJ5BtQzMxxzvuFUhm90cxCj8oecoxEKbRPA
Cache-Control
no-cache,no-store,must-revalidate
Content-Type
text/html
content-length
0
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Expires
0
trk
ag.innovid.com/ Frame 35B3 		43 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ag.innovid.com/trk?tid=11711&google_gid=CAESEO88KulhzdV0yIbm9qT2O1E&google_cver=1&google_push=AQvitUL1xLYKi7dRKW9NmxhdNi8cZECkIuNayoW2gPEWid_tlp8_Rbw9OPr4UhaCAdfK7s_5cTKE76PP4CJc7JKL8vYXdxVCqPpr
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d01c:1d8:8102:73b:46ad:270f:ab37 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:28 GMT
cache-control
no-cache
content-type
image/gif
content-length
43
request-time
1
expires
-1
attr
cm.g.doubleclick.net/pixel/ Frame 35B3 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K-WZ4-hzXRRKjRLkLoI67PvMtuR-jOOFgJ2TheYjKjnrzMsTOtu4KTi9_Yr0MnGBvnjz6J
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
server
HTTP server (unknown)
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
view
securepubads.g.doubleclick.net/pcs/ Frame 2118 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstNXuFS828q7ZTxEYNbRFgVT6mtPyc_CuSvH25AwC0UKQtbnN1FjoCnzqfKNb5IGb5NI0NKS_ZfaATWxVhOGyJi9JAdA9dSmUi-aLOEw9mJ9fhNf-o8BPQPimOCeR_mfeXRKf8_jsQORt9gQ4uZeR1uyOT3ylRW8IKSq1WtAN3Hha6DTGfEP-VjgMWwlyJwwEvN3hmz-XU-VB8jRkonFPIXyd6bSO7hqrWi1Vc1vZax1dvUpEWPTwcXvVtbsPKoriM0rjyMYkY2kUKyyt5n2hPg4eFx0ZPSem2ms1arFQphjsF2hXlYjdm8-1pCjyP5jhCYNPr08y2laZbdKf_G6QMrTM5mezuB4t54&sai=AMfl-YQsL-K6zaWgj0jagwulmoM3y0BjcUMQhkZ3GbMtBZMg3z1spto49AwLzD2dikwtobOJ0z99bqUiYu4Dy5IdAIjKlAj7Z5ZQoTOFqT-nZGsixPxAG2VZJNfovA1ZZ8O7&sig=Cg0ArKJSzD0e8bCBlHN1EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:28 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 2118 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4087993f59427f316b2ec698bb70e247b2f16b7ce4d3be31a0229077cf2a475d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6500
x-xss-protection
0
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 0D82 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=330464824&adf=3248438070&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587717&bpp=1&bdt=642&idt=154&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D06a4eaed7430a784-22351c0ed5ba0033%3AT%3D1616191585%3AS%3DALNI_MbvdyYlthAWt6y8LWCaQJ45xTTQMg&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1444797335.1616191588&ga_sid=1616191588&ga_hid=1876596505&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1161&biw=1600&bih=1200&isw=300&ish=250&ifk=1834859746&scr_x=0&scr_y=0&eid=44736524%2C44739387&oid=3&pvsid=4343791204405116&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.3m3cfz4yhsyd&fsb=1&dtd=161
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43349
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 2118 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:28 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/ Frame B5D1 		226 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
86501
x-xss-protection
0
server
cafe
etag
16342648926818324530
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 19 Mar 2021 22:06:28 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 75BB 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=46889046&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
be982910788270ab48b30d36a318a2d588bdfb542b55721a15470c313ee7e6cf

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:27 GMT
P3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding
chunked
Content-Type
text/html; charset=UTF-8
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame C5A9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16219
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cookie.js
partner.googleadservices.com/gampad/ Frame B5D1 		12 B
82 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=appleinsider.com&callback=_gfp_s_&client=ca-pub-2892341250670811&cookie=ID%3D421fbb2dfabfb201-2217660bd5ba002d%3AT%3D1616191585%3AS%3DALNI_MZcKTASn5Za2QJnnAf9AnDoir_CJQ
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ Frame B5D1 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ Frame B5D1 		107 B
146 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=appleinsider.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 5382 		399 B
224 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=50&slotname=1473676963&adk=4238659372&adf=406754587&pi=t.ma~as.1473676963&w=320&psa=0&format=320x50&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191588809&bpp=34&bdt=1534&idt=190&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D421fbb2dfabfb201-2217660bd5ba002d%3AT%3D1616191585%3AS%3DALNI_MZcKTASn5Za2QJnnAf9AnDoir_CJQ&correlator=6820821975866&rume=1&frm=23&ife=4&pv=1&ga_vid=1749031965.1616191589&ga_sid=1616191589&ga_hid=1995671848&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=836652087&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44739387%2C21066613%2C21066614&oid=3&pvsid=2504569723169334&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yzqu1oxgvx10&fsb=1&dtd=197
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ddf12af80a625ffe9674838c7a71a1889961913de377ea143a504ab9ff3f7e73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2892341250670811&output=html&h=50&slotname=1473676963&adk=4238659372&adf=406754587&pi=t.ma~as.1473676963&w=320&psa=0&format=320x50&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191588809&bpp=34&bdt=1534&idt=190&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D421fbb2dfabfb201-2217660bd5ba002d%3AT%3D1616191585%3AS%3DALNI_MZcKTASn5Za2QJnnAf9AnDoir_CJQ&correlator=6820821975866&rume=1&frm=23&ife=4&pv=1&ga_vid=1749031965.1616191589&ga_sid=1616191589&ga_hid=1995671848&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=836652087&scr_x=0&scr_y=0&eid=42530672%2C44739523%2C44739387%2C21066613%2C21066614&oid=3&pvsid=2504569723169334&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7CEr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.yzqu1oxgvx10&fsb=1&dtd=197
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
DSID=NO_DATA; IDE=AHWqTUl7sSD16K_UaLe-_U6OFSgZzbf2cvPX5vSyL60bPTuWqaF29ZscVVY0sMoLVT0; test_cookie=CheckForPermission
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 19 Mar 2021 22:06:29 GMT
server
cafe
content-length
199
x-xss-protection
0
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ Frame B5D1 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1615980824644616"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28204
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:29 GMT
Cookie set Pug
image2.pubmatic.com/AdServer/ Frame B95E
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8470772502363522023
42 B
769 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8470772502363522023
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=46889046&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
image2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_153=1923-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&19420-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&22979-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&22987-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&23025-CAESEMWZ7hjsbc6Y5hPDmqbyYms; KRTBCOOKIE_57=22776-3127976995046796571; KRTBCOOKIE_22=14911-2594586110779443962; KRTBCOOKIE_377=6810-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&22918-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&23031-88dee563-8bf1-42ea-b937-d2c41c2c14dd; KRTBCOOKIE_218=22978-YFUgZwAAAGV9fyrK&KRTB&23194-YFUgZwAAAGV9fyrK&KRTB&23209-YFUgZwAAAGV9fyrK&KRTB&23244-YFUgZwAAAGV9fyrK; KRTBCOOKIE_466=16530-d3a1162b-2e29-4341-84f9-dd4918d40629; KRTBCOOKIE_27=16735-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&16736-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23019-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23114-uid:46816055-2066-4100-a82a-a4a0b1d39bfa; KRTBCOOKIE_188=3189-c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348; KRTBCOOKIE_1101=23040-6941490031714564249; PugT=1616191590
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 19 Mar 2021 22:06:32 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_336=5844-8470772502363522023; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 18-Apr-2021 22:06:32 GMT; path=/ PugT=1616191592; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 18-Apr-2021 22:06:32 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 17-Jun-2021 22:06:32 GMT; path=/
X-lat
lhrpug003:0:416
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8470772502363522023
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame EC4D 		43 B
284 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=46889046&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Fri, 19 Mar 2021 00:00:00 GMT
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks
1132
date
Fri, 19 Mar 2021 22:06:31 GMT
content-length
43
redir
rtb-csync.smartadserver.com/ Frame CA80
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFHR2prN0Fxa0VBQUJJV1F6TklNQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir
43 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb-csync.smartadserver.com/redir
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=46889046&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.115 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

date
Fri, 19 Mar 2021 22:06:31 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Fri, 19 Mar 2021 22:06:32 GMT
location
https://rtb-csync.smartadserver.com/redir
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Cookie set Pug
simage2.pubmatic.com/AdServer/ Frame 7FEF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941490031714564249
42 B
771 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941490031714564249
Requested by
Host: image6.pubmatic.com
URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=46889046&p=156657&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host
simage2.pubmatic.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
KRTBCOOKIE_153=1923-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&19420-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&22979-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie; PUBMDCID=3; KRTBCOOKIE_80=16514-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&22987-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&23025-CAESEMWZ7hjsbc6Y5hPDmqbyYms; KRTBCOOKIE_57=22776-3127976995046796571; KRTBCOOKIE_22=14911-2594586110779443962; KRTBCOOKIE_377=6810-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&22918-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&23031-88dee563-8bf1-42ea-b937-d2c41c2c14dd; KRTBCOOKIE_218=22978-YFUgZwAAAGV9fyrK&KRTB&23194-YFUgZwAAAGV9fyrK&KRTB&23209-YFUgZwAAAGV9fyrK&KRTB&23244-YFUgZwAAAGV9fyrK; KRTBCOOKIE_466=16530-d3a1162b-2e29-4341-84f9-dd4918d40629; KRTBCOOKIE_27=16735-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&16736-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23019-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23114-uid:46816055-2066-4100-a82a-a4a0b1d39bfa; KRTBCOOKIE_188=3189-c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348; PugT=1616191591
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
nginx
Date
Fri, 19 Mar 2021 22:06:30 GMT
Content-Type
image/gif; charset=utf-8
Content-Length
42
Connection
keep-alive
Set-Cookie
KRTBCOOKIE_1101=23040-6941490031714564249; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 18-Apr-2021 22:06:30 GMT; path=/ PugT=1616191590; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 18-Apr-2021 22:06:30 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 17-Jun-2021 22:06:30 GMT; path=/
X-lat
amspug018:0:286
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Fri, 19 Mar 2021 22:06:32 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6941490031714564249; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6941490031714564249
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 9FC5 		43 B
344 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?id=81219A30-5BB3-4F24-BC35-55283A34ABDA&ex=pubmatic.com
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.95.116.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Host
aax-eu.amazon-adsystem.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://ads.pubmatic.com/

Response headers

Server
Server
Date
Fri, 19 Mar 2021 22:06:31 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Vary
User-Agent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 75BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=gSGaMFuzTyS8NVUoOjSr2g%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
184.30.20.198 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-198.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
Content-Encoding
gzip
Last-Modified
Wed, 21 Oct 2020 18:57:29 GMT
Server
Apache/2.2.15 (CentOS)
ETag
"1300708-1f78-5b232eb4914bb"
Vary
Accept-Encoding
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
max-age=41470
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
text/html; charset=UTF-8
Content-Length
2654
Expires
Sat, 20 Mar 2021 09:37:41 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 75BB 		95 B
596 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=81219A30-5BB3-4F24-BC35-55283A34ABDA
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
632a0217f87c4eb6-FRA
access-control-allow-headers
*
content-length
95
cf-request-id
08ee1fa2f700004eb6131ff000000001
info
uipglob.semasio.net/pubmatic/1/ Frame 75BB 		42 B
253 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=81219A30-5BB3-4F24-BC35-55283A34ABDA&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
uip-response-status
FallbackResponse
date
Fri, 19 Mar 2021 22:06:32 GMT
frontend-id
8
content-length
42
routing-server-id
-1
content-type
image/gif
Artemis
aud.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=81219A30-5BB3-4F24-BC35-55283A34ABDA&addseg=31
7 B
147 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=81219A30-5BB3-4F24-BC35-55283A34ABDA&addseg=31
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.64.189.249 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:32 GMT
Connection
keep-alive
Content-Length
7
Content-Type
text/plain; charset=utf-8

Redirect headers

date
Fri, 19 Mar 2021 22:06:32 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=81219A30-5BB3-4F24-BC35-55283A34ABDA&addseg=31
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
135
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=88dee563-8bf1-42ea-b937-d2c41c2c14dd
42 B
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=88dee563-8bf1-42ea-b937-d2c41c2c14dd
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:30 GMT
X-lat
amspug019:0:484
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=88dee563-8bf1-42ea-b937-d2c41c2c14dd
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=557150446999398645
42 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=557150446999398645
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
amspug013:0:353
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=557150446999398645
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMWZ7hjsbc6Y5hPDmqbyYms&google_cver=1
42 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMWZ7hjsbc6Y5hPDmqbyYms&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
lhrpug002:0:448
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEMWZ7hjsbc6Y5hPDmqbyYms&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46816055-2066-4100-a82a-a4a0b1d39bfa&gdpr=0&gdpr_consent=
42 B
946 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46816055-2066-4100-a82a-a4a0b1d39bfa&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:29 GMT
X-lat
amspug009:0:485
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Date
Fri, 19 Mar 2021 22:06:29 GMT
Server
MT3 3611 f10363c master zrh-pixel-x5
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:46816055-2066-4100-a82a-a4a0b1d39bfa&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Fri, 19 Mar 2021 22:06:28 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3127976995046796571&gdpr=0&gdpr_consent=
42 B
769 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3127976995046796571&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
lhrpug016:0:288
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:31 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.153:80
AN-X-Request-Uuid
55b9eefa-551c-4f23-81d3-4f722d801b42
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3127976995046796571&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.programattik.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://ads.programattik.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=156&expires=14&user_id=08ebade7-96b4-4d68-a8d1-4f0e15257c5f&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3a1162b-2e29-4341-84f9-dd4918d40629&gdpr=&gdpr_consent=&gdpr_pd=
1 B
746 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3a1162b-2e29-4341-84f9-dd4918d40629&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:30 GMT
X-lat
amspug003:0:2341
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=d3a1162b-2e29-4341-84f9-dd4918d40629&gdpr=&gdpr_consent=&gdpr_pd=
date
Fri, 19 Mar 2021 22:06:31 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
81219A30-5BB3-4F24-BC35-55283A34ABDA
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 75BB 		43 B
840 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/81219A30-5BB3-4F24-BC35-55283A34ABDA?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&redir=true&gdpr=0&gdpr_consent=
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=81219A30-5BB3-4F24-BC35-55283A34ABDA&redir=true&gdpr=0&gdpr_consent=&verify=true
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GqxxfIBE2uVJP7dnvxe_Wi_VkRJfaL0-~A&gdpr=0&gdpr_consent=
0
573 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GqxxfIBE2uVJP7dnvxe_Wi_VkRJfaL0-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
Cache-Control
no-store, no-cache, private
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Fri, 19 Mar 2021 22:06:32 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-GqxxfIBE2uVJP7dnvxe_Wi_VkRJfaL0-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie
42 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
lhrpug005:0:554
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFUgZwAAAGV9fyrK&gdpr=0&gdpr_consent=&_test=YFUgZwAAAGV9fyrK
1 B
809 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFUgZwAAAGV9fyrK&gdpr=0&gdpr_consent=&_test=YFUgZwAAAGV9fyrK
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:30 GMT
X-lat
amspug017:0:461
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
via
1.1 varnish
server
Varnish
x-timer
S1616191591.173437,VS0,VE0
x-served-by
cache-hhn4073-HHN
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YFUgZwAAAGV9fyrK&gdpr=0&gdpr_consent=&_test=YFUgZwAAAGV9fyrK
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2594586110779443962&gdpr=0&gdpr_consent=&us_privacy=
1 B
727 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2594586110779443962&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:28 GMT
X-lat
amspug016:0:405
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
1

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2594586110779443962&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Fri, 19 Mar 2021 22:06:30 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:20737ce4-0bb3-42d8-8739-59004e3237f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:20737ce4-0bb3-42d8-8739-59004e3237f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:30 GMT
X-lat
amspug011:0:360
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:20737ce4-0bb3-42d8-8739-59004e3237f5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Fri, 19 Mar 2021 22:06:31 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348&gdpr=0&gdpr_consent=
42 B
800 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
lhrpug008:0:474
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:30 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348&gdpr=0&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
current
pubmatic-match.dotomi.com/match/bounce/ Frame 75BB 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=81219A30-5BB3-4F24-BC35-55283A34ABDA&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1400 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
pubmatic
um.simpli.fi/ Frame 75BB 		43 B
607 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:31 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Thu, 18 Mar 2021 22:06:31 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 75BB
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3127976995046796571
42 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3127976995046796571
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Fri, 19 Mar 2021 22:06:31 GMT
X-lat
amspug005:0:274
Server
nginx
P3P
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif; charset=utf-8
Content-Length
42

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:31 GMT
X-Proxy-Origin
185.156.175.187; 185.156.175.187; 693.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.110:80
AN-X-Request-Uuid
48903873-d510-48af-b492-227f54eacab3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3127976995046796571
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.match
a.tribalfusion.com/ Frame 9645
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212295768&_puid=18072662209258333470
  • https://a.tribalfusion.com/i.match?p=b23&u=266530603730003112570
43 B
598 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b23&u=266530603730003112570
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aJmTR8ScUsStZbyYdfrTmfw4snY0FvZbT6Tw4A3hQmBB4WYy1tnDnt2N4PvT5GM9Vc3lUsbeRPFxWtZbWUbjP2betVabtVEYjSTJKQVjCQUAvRW79Wsr25FPqodeOXEev2HfFSGjZd26YZamdEyUHB7XrUb1UZblXq6tRbYHTUBYTtQWmbQmRUBNXEnn4Efc5E7XmaMHXUJaWt7TomrZbpsQwmHfJ5EZbg0WiFNivxas&mediaDataID=7665496&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a022aee624e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1faed300004e55d307a000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://a.tribalfusion.com/i.match?p=b23&u=266530603730003112570
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
dspreply
public-prod-dspcookiematching.dmxleo.com/ Frame 3444
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b24&u=18072662209258333470&redirect=https%3A%2F%2Fpublic-prod-dspcookiematching.dmxleo.com%2Fdspreply%3FdspId%3D15%26dspUserId%3D%24TF_USER_ID_ENC%24
  • https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209258333470
0
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209258333470
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aomTR8T6Mu4sY20F3ZdT6Xp2PB8QABA3drO0HQDmt6v36U04V3fTsJ7VVFlR6UwWdQ5Wbb03b2nUabpVEYlPTrKRGYZaPbEsPHf9UVY55bXxmtqmXqqy3WnASGfZa4AJZboHTsVWJe0rvb1UF91qatRrrGWUU5Td33mrBnQUrq1E3y5EUl2aURoa7A1bjaTdMRmmfZcmcMtmtrF5qQj5HAN3AvGprbZd5cr7qvEEXG&mediaDataID=8039566&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.25.144 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:32 GMT
via
1.1 google
alt-svc
clear
content-length
0

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
2
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a0217eb634e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://public-prod-dspcookiematching.dmxleo.com/dspreply?dspId=15&dspUserId=18072662209258333470
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1fa2f200004e55c9b39000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame C296
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=377&userId=18072662209258333470&redirectId=1001
  • https://a.tribalfusion.com/i.match?p=b21&u=aff01178a87149a57df8916f3ea1374a
43 B
428 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b21&u=aff01178a87149a57df8916f3ea1374a
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=ammTR82avYoTbCYbJgTtfQoA3CncnrotQJ3T382dZar3AjFmUUHXVfVXVM10sfvpTj25F3VVFnHUPf4PTrQPcvoPd3x1dFnT6jy4sMUYrrDT6ir46nhQPfF4WQO0dBKnHPu36Y03cM7VcUjVsjeRAvvWdQQWbf03bZaoVqjpTTQlQEBZcQVbCQUZawRtv6VsbU4r6qnHeo0EqO4WvDSsFZa2mJHmdXtStZbPxQv3LB&mediaDataID=6680176&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a022b1ea34e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1faef200004e550d398000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 19 Mar 2021 22:06:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://a.tribalfusion.com/i.match?p=b21&u=aff01178a87149a57df8916f3ea1374a
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1616191591756084-116
Expires
Fri, 19 Mar 2021 22:06:32 GMT
usermatch.gif
beacon.krxd.net/ Frame B4D5
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b22&u=18072662209258333470&redirect=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dexponential%26partner_uid%3D%24TF_USER_ID_ENC%24
  • https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209258333470
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209258333470
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aKmTR81E3t3TZbk4EUYnTFB1r7hTtrSmPQBnVnvpWUC5EY82WAM5PvKmF3JXsvS1cQTXV7xnTvW5FZbVVU7ZcVAU1QTj5QsnsSt3wYtFuWA3p2cB0XbMLUPPr2PQePPMA2tBrXWYDptZav363Y4cM6TsrcUcfkPAQuUdUWTrM05bEuWajoTTMlPqZbZcRVjZdQUupRt79VsvR2rytoWep0EXp4dbZdSGrHYPUywWr4wr&mediaDataID=6807466&mediaName=frame.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.252.7.224 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:32 GMT
cache-control
private, no-cache, no-store
x-request-time
D=31 t=1616191592
x-served-by
beacon-n005-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
4933
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a0217eb644e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://beacon.krxd.net/usermatch.gif?partner=exponential&partner_uid=18072662209258333470
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1fa2f200004e559ba9d000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3D84 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BCNxkYyBVYJa5PPOx7_UPl9a9yAsAAAAAOAHgBAI&bg=!cHOlczfNAAbUo7L91KM7ACkAdvg8WlLbrGc0jkgyMK83bAhlTZaCRaYw2sGabnemPP33xP2f9lExMgIAAAFkUgAAAINoAQcKAE8ReKGn_BNSZCMOSJLWoqMCoeVQxYiLiDGRAU1yASKPbzIARWmlWBKm3borjXVxMaWGTIds3z0Dj9Ior5NLAZmrMG33NJ_sI_uQZJIUNE0rmQJsXwAKPE0czCvKGIllKl1XWg0S1sfJM_gx9vGjD_jrXx53jifPO8XEy5Pci5WMUydKLYLDujwognTJbZ-hVVllaPIVb9VsNGBNyNQzsYnu0Zx59vEXvt2pQ9dx2GYQHaDpVeHb1fTpGH3wXVqhXcKqbDRFo9SZjsC5OlJ0G6pZqZVC5WPhjZNf8YJxArdBESdZa7QCJdJk0dypc1dJEuuT8WyiLRHlHLOHH7m1PBCjUyiKadBuDK1DQ6UVNjG5cqmm69H10doW6NGNxASIGa6k1FwRyk2DxFFqSZVwlCpV0C3hvA7Vm8inu4PkSdH9UFBcNG6tL11kOXeHrz6pr8ZG_utxXbZgZHaVK2lG8rto26QYzqJ7cVTXa4obwhRjilj73hjBrylV_7OVHg71gXiNB1H_CXTHmWniPJaLdjDmuAfJviziMLkoLGhblVBYxtO5D6oa1njc0UIUVZIOyS2QFn5xSvIRy7swOP2JVZOYgZMH1YRhsxRfogrzYhtJhyD44dgD1Jj_A_cqOaZoyAjsucHzRYEsyX6QcR3B8ykf-5M_2YlOZAj_jnxdjxuuMqbv1thBaAT6hIb1rsSuPPGsbsyoT3L9qxuGxMetU2hnJumEbRayQY29WSZYIDwvXjetncFUbd_MFHPK-ZfMf-KK-wJxyWDBUrdd864PdUfOBGZkggAP0hkKxRvDxoEjn850zjy7k_B4x30JhVKqlZ0Qz7d7a9CC8IeggamnaHRrpRYqUTzgFQuCY4zBk0X40irrBOVtzmviNDU3NT7vAdDnj6U5DivqHHw0gxJqtFL7Qh0ZR50bS7buprVrQ4o
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i.match
s.tribalfusion.com/z/ Frame 1279
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid%253D...
  • https://us-u.openx.net/w/1.0/cm?cc=1&id=b9f5c7de-85f6-48cc-ba86-351b90373b6b&r=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db12%26redirect%3Dhttps%253A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%253Fid...
  • https://a.tribalfusion.com/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3
  • https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3
43 B
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aLmTR8STYZcQVJJRbirPWjbUVQR2UusndZaOXaum3tYESG7Zd5PvEotXmUdfcXUvc1UZb7XqitRbJEWFJYVdYWnrbqQFMmYTvs3T3h2a3RnqFIYbUcUtbVn67ZcpGMwotfD3aBh5teM3PfZbprvEYVvPYsv3XGjMpEjT3UUVWFnEUAvTPTb0ScvMPWjw0WBwWAbv2GB0YrQZcVAms26QaRPZbK4WZbOXWBLsHAJuhWfuJ&mediaDataID=6546596&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02258efd4e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1fab7900004e55f9a29000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
465
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02247d624e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b12&redirect=https%3A//us-u.openx.net/w/1.0/sd%3Fid%3D537141727%26val%3D%24TF_USER_ID_ENC%24&u=5361887f-cb5f-4c63-88d7-c2b98d17b5d3
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1faace00004e55c78e2000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 0481
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b10&u=18072662209258333470&redirect=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D111756%26nid%3D3856%26put%3D%24TF_USER_ID_ENC%24%26expires%3D180
  • https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209258333470&expires=180
42 B
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209258333470&expires=180
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=anmTR8Rr6oPHvaWV3R5UioodZaoXauw3t3ZdQVbZd56rZamdZaOUt7eXrf8Xb7k0TaqPb3ZdWFYYVtJ4obYnPFbNXEnp4E3g4q30oTrH1rffTdFXmPfJmGrtoWnG5EQ73Hmq56rZaprMH0VvQ1cYV1VfxnEFU5UQPTUbEWAn4QEb1ScUMQdUNYtZbuWmYx3VM2YrZbJTAir5mQbRP7G4dQpXdnApd2o36BRXVnQMwmBGb&mediaDataID=5436426&mediaName=frame.html
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length
42
X-RPHost
4cdacfaa68e4ab216fffbcc107c5b898
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
cf-cache-status
DYNAMIC
x-function
209
server
cloudflare
x-reuse-index
874
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a0217fb8e4e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://pixel.rubiconproject.com/tap.php?v=111756&nid=3856&put=18072662209258333470&expires=180
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1fa2ff00004e55f1364000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
i.match
a.tribalfusion.com/ Frame 7B9D
Redirect Chain
  • https://tags.bluekai.com/site/4229?id=18072662209258333470&redir=https%3A%2F%2Fa.tribalfusion.com%2Fi.match%3Fp%3Db3%26u%3D%24_BK_UUID
  • https://a.tribalfusion.com/i.match?p=b3&u=xQ261Q9999e%2B1aPQ
43 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.tribalfusion.com/i.match?p=b3&u=xQ261Q9999e%2B1aPQ
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=aqmTR8PHvdUVMU4bTvnHys0quu3WQDSsZbZa46YEptatVWFeYFYjYFYl1TZamRUYEWUUQTdQ3mrQoRFMqYTUy4T7h5qf2mEBF1r3cWHBXn6QBnV7poHMA3TYk5tiN5mvZanUfZc0GnY1sU3XGbnmEfT3FvWTFbCUPr4PEr1PcZbtStZbr1dvpT6Qp2Vn5XUMLUPim46ZbdQA7H4dQpXd3ZapWio36BY3sj7SGUVxZdZa7Bp&mediaDataID=2713736&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a022bef964e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1faf7500004e5599130000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://a.tribalfusion.com/i.match?p=b3&u=xQ261Q9999e%2B1aPQ
Date
Fri, 19 Mar 2021 22:06:32 GMT
Connection
keep-alive
Content-Length
0
BK-Server
1933
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
i.match
s.tribalfusion.com/z/ Frame 903C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=exp&google_cm&google_sc&google_ula=2786954&google_hm=18072662209258333470
  • https://a.tribalfusion.com/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0
  • https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0
43 B
440 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=apmTR8oTbD1rZb8UHb1om3IpG3oodYL2Er73d6M4PFZbprnHYcYYYsF01sBynafW5UQ4TUfEWA73RTj1Qs3MPt7w0dnsVmYM4sJ00UnDUPTw4AZb6PAFI2HvmXW3AnW2u5AZbS3srfVsYcUc78SAUuUtvVWrf25rIoWqMpWTJbSTYFSGQJRrZavStM8Vsr35b6nmWqmYTqN4WvDSsfA2AvHmdXyVWQ65FrUNDGvdB&mediaDataID=4056396&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02255e984e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1fab5600004e55a3143000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
521
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02243d0e4e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b6&u=adx&google_gid=CAESEBU31uoAtmX23ME90Z-vP7Y&google_cver=1&google_ula=2786954,0
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1faaa500004e55ae3cf000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
emxhb.emxdgt.com/biddr/ 		22 B
152 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://emxhb.emxdgt.com/biddr/
Requested by
Host: biddr.brealtime.com
URL: https://biddr.brealtime.com/77432379-1625.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.89.230.82 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
ea7d9ca482caf5f3c4c5f27281d5154db2d933c602412b82073bfd956da3c2d3

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
*
date
Fri, 19 Mar 2021 22:06:32 GMT
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
22
content-type
text/plain
view
securepubads.g.doubleclick.net/pcs/ Frame 3EC9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0HXVhAyVsGM5pUhG0PViY8P8sLLMRvhI6SrQtnv-mfL_HkHA-cAP0KZJ3O-3HUng2mrbBJcVRrosUHjeQoWQ3ZGtSMVNhC1EAISbqdJ4LMCgJDvgO_0mK92CoxJ8yTwzJSQZDN-qMnhjTZCEfFwzdKLf5elphA39KnY2AabKN4nmQ1OYJzOhNL1lfbbAvkCrYeO85636MVWmAL-kKs83WT0n-TgpSedrQ1BGMPQaouyfIhxOjvEeE14T0N_v2l6pyL7sGJidIEgKxFhDmm6QQPaq2G8n8O99N1JgUx-cvxboJMyS1r_pMx-PUammOWwW8nEtClLs&sai=AMfl-YSGyONOUCxS6GQppXaVrq5xrBUbsGoQ490gQ0ikxFp9mCk042HMZKltgHGfbFdNVknk_7MlOINgcurhzEwVU7zCuHHBC-onUa7KzuiM7saQUlnPjOfuqeNJwBFJaWo&sig=Cg0ArKJSzHjRL22b5kVEEAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:31 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame 3EC9 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
17565a491218a944b9fb0c65db937fb812438ccfde843992a25dbea94d7e42ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6500
x-xss-protection
0
i.match
s.tribalfusion.com/z/ Frame 7FFC
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209258333470&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID
  • https://sync.search.spotxchange.com/partner?adv_id=8731&uid=18072662209258333470&redir=https%3A//a.tribalfusion.com/i.match%3Fp%3Db19%26u%3D$SPOTX_USER_ID&__user_check__=1&sync_id=5c3ec45b-88ff-11e...
  • https://a.tribalfusion.com/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206
  • https://s.tribalfusion.com/z/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206
43 B
716 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.tribalfusion.com/z/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206
Requested by
Host: s.tribalfusion.com
URL: https://s.tribalfusion.com/p.media?clickID=armTR84sY40UULUPqr2AY7R6rD3dMt1WvAntZan4mMR3svfUGvkWsMkS6MOUWUTWrfR5rEoWqjmTEBbQEQFRVbZbQbmtRW36UVjP2F2xnHZaOXaey3WfGQcvD2mUHoWXsTt370bnj1FJeXaeMSrYHUFMXTt31obFnPUbqXEFs3TZba4q7YoTJI1bZbcWtnQn6fLns7rpdrE5qQj5Hio3mJGprbE0GfQ4GYjrMIHmg&mediaDataID=9148826&mediaName=frame.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer
https://s.tribalfusion.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
302
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02258ef64e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
cache-control
no-cache, private
content-type
image/gif; charset=utf-8
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
cf-request-id
08ee1fab7800004e55068f3000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
cf-cache-status
DYNAMIC
x-function
206
server
cloudflare
x-reuse-index
71
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray
632a02247d614e55-FRA
p3p
CP="NOI DEVo TAIa OUR BUS"
location
https://s.tribalfusion.com/z/i.match?p=b19&u=5c3ec41f-88ff-11eb-b92c-1f932c7f4206
cache-control
no-cache, private
content-type
text/html
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id
08ee1faace00004e55dc8e1000000001
expires
Thu, 01 Jan 1970 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 3EC9 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com&amaexp=1
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:29 GMT
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame C5A9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 9A20 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=2386061136761195&bg=!Xl2lXRnNAAbUo7L91KM7ACkAdvg8Wgu6khKn3BvTco1JTt4Iz2J_gcp5t6l-0BUtECYFujaUZv_O7wIAAAI4UgAAAF9oAQcKAHdY83mdY-l0CaU_eRt_z-3E4c2fKaMBJxrWBXpdL7GPFKHCEpObzl7weR-FUSmTPqQm0uE9GU1nh9axSqB2m-1i8gEZFVGLn89Rjtdhc-2RV44kOyfqBNMHKVKxVGYzEVvpiL4n1EH6-Et05xJE-Ln43Mbf1BrktZkB5EUKsY26JRBEum0W9bI3tZlVMV5kFWdRWdq45A496UXcxizm3U_26KnM11jDAxEOpOLPMrumybNbgSBCBgZrNFC0Z0LIlB6nZ0Cw-9USBFYf12W8xW4HUW27C1WRHjX6X3zz3XGuwzfibRaxyNYxHDRkddJ0hE8rPeLQO9kMen3_a8-jIIgOoESBPoCTAIrsRB2p9eMXoIRnlessMh6SQWstpdjkaDNX3E1Oqi3HePoPyE_LR5GxJa4af9mI6ZMQceTqzr5vRVcdfgWWxzq4BODVPkQTf6rQVuJCYVklQo_axiytmnOw0qnIlVwdyBJw_QtYq7wiW4JMERucneZru0Q22qmwFATt95mnqU8puoLlW0nffSsC9jznUKbU4BgmJdWwvRRc9dKZr4q9aCBejZzroKJnwHGBQjj9eUmLv1wDTD7Gh_kxy1Ox1F-QVd4OZJadIT9VDEBJtSX1c3ssCRQpn6yhAD6HAPo_yMM59GacvPdeTr_7GCMJcui0fl4IPL89kpCr6l0TBoqja5w_iHrXZjNryCSfz_pqSOwwcqwxZjYrUb9kz3H8E5nxXhuwkBjNpFfjU8Cwe1_NItTuxxWV_bUkrz9TaBaZKrTa21L2cgLQG80gnQN3Anw8DLleTyipexY
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame E7C7 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16220
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame E7C7 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43350
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2118 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=4343791204405116&bg=!tbaltvLNAAbUo7L91KM7ACkAdvg8WuSxn0ncUw1yp4dCNDbyE9-5EMt4WnGsAvhxkdUIRRZ6e07plwIAAACbUgAAAEJoAQcKANB7yC7HEeZaAlQ6eCZB4WWlrN6D7URa1a3pj1JGXpyW9J0dcBQVKEZWhmzZOzkg7yV7BUROQzdcPhcfKHl1wRahDa9Ht1ssA2EGdCzgWzVxamA1NH1upar8yhY6-fl6TjNbzRCcZip3T0T4o6KZQtGLlIccN6_NwwzW2WnmquTbcliv1mKHkPCQiXygu3xExXgOwMxQBLKC-4YA9HnkvVDX163RiqTc0fm9J_7sVjkADV9Dlzy0Z59000ZS9y-BgWGS3drbB41yfuhPx0CWGNeUmQHt7IuLOrhVZRBd5Eukxv5joqudIoKW4mc49-w36LdUtgYlA90Z4E3RKP2fH7nag2EOb0m_XDdLIVE5re4o0d72DG4ac7bV1wiXfTxoqemn7e5W2Ff4l9YocFpxiAUM2v-P5OwblsPqIblmQhCJFsHJ-i9U55bwZxg5S1o0QAX0hrEFwi5hxhb9wb8llqvI7FtJICAWMIQGPwHSzqxDbmwR4taW9HcwxvCxOQU5xP0VnxLIKaIU_WZtJyuCLxZCe7K1ZEZf0xjJZSE7aisd5LsHIS2CjTvxJDMlEtDe4YNZL-CSl83t291n4b5_xDzVOd1t7k48AqRdrUKNtkibkkbvgEDSVC_maEe601AZtO0hB-S42XXQDMtd4OFeIILc01eAAxKlaF-Nw-RpzX-mJ36NKeCuqObfIJ3lbN3D44B8XcfpDrRuVEcr_P54c-htwfXkh_u9N6M4b_FgijaRi1JuoMdTDV26l_OOnKIWqUJDa6quJJ9-YkcEuikvUUigJ0sdU01LOmhto5cbovYBG7kQX2kt4_kzIAxF6a8PTBFt20hQpJDrhpIO0UsMEW4KaR-dpMJbEtmYO482B-Fex3tldgaSvZaJcs1XoIN9ULjUFyTP-ZvV2tAw5dbuApE1cgKdHOy-G2XuA2aQkkFbrQ
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 3EC9 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=1421703291686607&bg=!2dql2p7NAAbUo7L91KM7ACkAdvg8Wh4U3H-bsMeICE43D02yVVNwjYNa6MzNUd0zsNfgdidB1iE4WgIAAAC4UgAAAAloAQcKADWDPXRgw5zt30CIEs4ET-2MMmES3gCL5eqTnOD1yOK3SYfFlJ36s4VgqdhJWdlKKK4xMssqEJkCGKMrnXlBl06ZI9TKm8o4xV2W3k7MZLCwTm4Dm9L05HV2Oy7yN-VmFg56phNxGlG9P7YVua1kBmc0yAtGDn0t7VcDPktkwHe5bf2_D-mdBhhlDPh99qtttv10YCrMByXBVTt5kFZeYQYK8cAaZl8grJwLvAbN6uhDyMcVE_SzOYZ-jcGL3poWgJsMC6Dqe7Z8WlbLNlFcBfdehxq8xl6PTQNIF0aOFVC-rX0EFSHtLF_MJLHagkaYXPSfi2309LUUIJKD9QeRUZgqNUOnuAo_xofO7EbDrmF98cljsf6hYOWK--tM4TuJDzQW6Bd0rumA6SjoojigTofQjoSlWMwZXUMKxvAjfbL1JMbpGfAdLmw32ggZwtTjRTDg_O8cFFFUZqkGCN_XIo8M3ay-pWDT4oq7SdicnBeFFmNp3MSkkStIs4JQFy_7QLl_LdCBlDo5q2RATLlcgDIBG6wM1hGdq67W-YZ-QkfVVvdA0RyPfAi4_xNNDGM9uytseeAD5NTy67gF47-sfTDvEBCy1qRf4eYNdlvwGSEEB0ZLBj8O-z1n71klz_dehOuEq8ikr0vlJq2nHfkiWkmErJxrgCKPohiw40U4ptgQUDLBxjuw_os7VJ6mCFfoO7A_ZbWH9oG1yAKdAx3WmtgdONosNcwlm9ibSwCSIpYTrCTOVMR5anxG2GaXvxX9Cu8ZXS6VNyudHzpbw8XAooj2
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:29 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveMatching.php
live.sekindo.com/live/ Frame BAE2 		0
282 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.sekindo.com/live/liveMatching.php
Requested by
Host: live.sekindo.com
URL: https://live.sekindo.com/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032312D30332D32305F30307D7B7331343737313931327D7B433236307D7B535958427762475670626E4E705A4756794C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583430307D7B593232357D7B66317D7B7251554A554943386754334A6B5A584A555A584E30494338674D5341764947526C5A6D46316248513D7D7B4C383035377DFEFE&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&debugInformation=ABT+%2F+OrderTest+%2F+1+%2F+default&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=25&c2pWaitTime=10&csuuid=60552060a6703&debugInfo=14771912_ABT+%2F+OrderTest+%2F+1+%2F+default&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=14771912&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1d41lktxsnmj&secondaryContent=&x=400&y=225&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&contentNum=1&flow_closeBtn=1&flowCloseTimeout=42300&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=2&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=47.394&geoLong=8.445&vpTemplate=8057&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:31 GMT
content-encoding
gzip
server
nginx
age
0
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-store
view
securepubads.g.doubleclick.net/pcs/ Frame B5D1 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstiUwF8ClmBxGYaPuCFw69Yj3IQmEH2BPWTSy_4-xGh_JcjdCGgn_5KF84nYT9pV5bwanML3wHhuTGeWDVnH8I_frMptRqL4iRmnxdi6jy-tOe9eShuf4O8Mv8pvHc_Jq-NsH-wptLmK0vdQG3WkmYVwzeQoscXcmj52qZIq0ahcvEltvOMglJjEtRKhsF2zL7KBwSTH8Ac-VhD0SrK3ZyM6TbEyy1lbWFYWZ7QWGQHkfdfUydtpN-p-sy42TtR58Z62txKLtHJ6vEaSva4DrdUWPCB-UsD11-jdMHi7XWlVooxtJLrMHhxfmt4kGxB3iw3qXoX74pZhLAWtyQ23Xhm&sai=AMfl-YRnxlBZPcHIHmg_jZQkA_ndV9YNrYPL2YlioJRtJ_a5hg-iiTS09OVAl0QR81XqNmZlF0knbvJ55-yZAWWpq02rZY9jJKGqdW0HkiRwqKBkgcwB1LFlq4QeDpToLEM&sig=Cg0ArKJSzC1f52ebIG50EAE&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Fri, 19 Mar 2021 22:06:32 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B5D1 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210316&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
63a436d969f5f8d75c86eb170098bb02d8cbd03f7c596b6b2b66124d7083ff39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6585
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B5D1 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210316/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2892341250670811&plah=appleinsider.com&amaexp=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame FFD9 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16223
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame FFD9 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B5D1 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210316&jk=2504569723169334&bg=!6Oul66_NAAbUo7L91KM7ACkAdvg8Wj_XLr_btKPZU5bceLudigFPk2Gl-hIIIrVpKbSUq66AWSKOSQIAAACJUgAAAAtoAQcKAEzFak3QMtGg70ZjOHL1HspHsLbmSdXDiPhtSdSJFaFUhShnM_yr5wMJ1TObmcN72iufjE8pppsUcyrPLS7ZMtDQ2dUAhbKOMK22F7aImQHt0PdyMHMwBIQ9opiUFDKHjc69QQZKKOKy2soy_os37rmiUIdk5V7RJ0C_1Wh289THxSIaOwKZt1KJz8OMWMfraMWwGf4ltyhcGdj99kkpS6jcoLymiKbtN_z1pdEwhDLksC9u3ktbX-kdKs_-FdDaT9l9pEIvSWwuKB3npnN9cULdckNCYdfNo5cup5999he1EZmnlRCVQ1JDfdyxJreJAVgfFqO8dsbOFn841zeqQsYJH1sdr6r88uOgejBEzG-2z6PV1jjzqwe3EyD_uY7wAcfp8-mawlOU6vjW8vxLhgj5z9L3a01vrnW4DhBKnUQEycycPRbZQPWURLyGNpIDyg_zPsDY5kZJtk0HfvxYGaJZ02blWWVLXnVj5_O1MEqmQVIBlpN3s4eeh2dYf3XOMw99LQ4RE4Drfm-sCdr62E5Yj2LpZsvxN-0z1-ZI1d1lpPX4OdnwMoQf7oaH6rwF-jvxcdenuqGaRO8OJ70Evsv14TK4buWd4mj7_yOq4EAx_3y1Vghkv4IvFYSM18pEw0l2F7V1U-eD8QOFrmP9DojjJ_KC8a1PAInj-FqlRzi0Q_jsfCM7L6ypLYXmafJlxgCKjTx1uUg8-G_aOKhk1LvjHbYyz_SFotHMibm0csAjBOC1K898cHvZX-REpw
Requested by
Host: appleinsider.com
URL: https://appleinsider.com/articles/21/02/26/hacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e722f411cad1153771012623a9a17e3d0ba2bc4b8b7ee1733e891ff1a639fea6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 19 Mar 2021 22:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6512
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 22:06:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1611170586013198"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6403
x-xss-protection
0
expires
Fri, 19 Mar 2021 22:06:32 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 6FC1 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/221/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://appleinsider.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://appleinsider.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
4984
date
Fri, 19 Mar 2021 17:36:09 GMT
expires
Sat, 19 Mar 2022 17:36:09 GMT
last-modified
Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
16223
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
pagead2.googlesyndication.com/bg/ Frame 6FC1 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 19 Mar 2021 10:03:59 GMT
content-encoding
br
x-content-type-options
nosniff
last-modified
Mon, 15 Mar 2021 13:45:00 GMT
server
sffe
age
43353
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5785
x-xss-protection
0
expires
Sat, 19 Mar 2022 10:03:59 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
46 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gpt_2021031601&jk=4032750948166073&bg=!V1SlVBDNAAbUo7L91KM7ACkAdvg8WjjK_yRq-M64LjVnhPkn1sCBF2O6qz229Iqno9FZhAvWQdCBrwIAAAC5UgAAACNoAQcKAEHPfI4l0jVSl5AKBbk0KBfrP_d-n7u5jO2XujdPt2AnMPd6W-c5iWgD1sAKPG2hVuUcnlsZHI18EgeAmfJW8Ki-KZkB1U_zvb0kkXCwATpcYDfmHIky1Ncd4c13c89pKL8kz5DQlZL2jxTBYRKRvNqLJH32UlvCRgOqSbFapM16sVDnXcsvYnKxe1WQq2BiYLeRzPjRNVspgYoccfPhvx-TqGxi5YArmjcTRvTIYehpGsxvBkNqZgNWzYghuxnfgjBFStv2F7GDSqVKYItPihIZxmeGdsiib-sBZX4NzeI_Vm-8x2q645DGoWUid9Z6eZEfvlmAt8JAlmUuXvXvUMLOd7VrU9leT3-yTWDVUAlaUvb0A9R9ceVPuWVn1csZdI7BZQc6GgWnS7mV_XeHubqELI_R7inj2huWaYj5TkWoQKlF-VD9PmJOdmozYgtBQp2eMgqVD2aRb-VhEaO4ACeA0IrFi-e8G_IaWL7q4dF0DfioMwjcFUvqxdgaky0fsOptiKAI8vxaOgIEU9odmnDQaulnLX5-YlhQdVwtaixgurFpA6k28YlJRHxap6gvMtK0fyFF1_coBaenIeZ1zcFk8WASYF8Ju_NFDISK-OnnurKOWi5VqlbpaX23aZS_7ICBOSp59fWLq04F0AfLFgmmhFffBkdqB-GIbIVg_qBUwJMHfzV7bUP3lD86xjI8gGeJ_mmtbAx4x0I
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveView.php
live.sekindo.com/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.sekindo.com/live/liveView.php?njs=1&ito=1&vid_event=25&serverTime=1616191584&vid_playerVer=3.1.0&s=104577&sta=0&x=400&y=225&vid_passDomain=appleinsider.com&subId=appleinsider.com&debugInformation=ABT%20%2F%20OrderTest%20%2F%201%20%2F%20default&isApp=0&userIpAddr=185.156.175.187&userUA=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F89.0.4389.72%20Safari%2F537.36&csuuid=60552060a6703&contentFileId=0&mediaPlayListId=0&mediaListId=0&dur=1000&gdpr=1&gdprConsent=&isWePassGdpr=0&ccpa=0&ccpaConsent=&cbuster=1616191594998&uid=SekindoSPlayer60552060b3f59&pubUrl=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&floatStatus=false
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.204.220 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://appleinsider.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:34 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8A6C 		0
58 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=html5-mon&a0=layout&f0=layout&s0=0&d0=161.0000&a1=https&f1=layout_html&s1=0&d1=62.0000&i=497086060974&t=419&c=p&gqi=YiBVYPuUOc-X-wby25XYCQ&qqi=CP_Ht-uuve8CFdQAGwodL3UD7A
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 19 Mar 2021 22:06:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| biddr object| _pbjsGlobals object| googletag object| pbjs object| adUnits object| emxdigital object| apstag object| ggeac object| google_js_reporting_queue string| vanilla_forum_url string| vanilla_identifier string| vanilla_discussion_id string| GoogleAnalyticsObject function| ga object| _qevents function| $ function| jQuery object| Handlebars object| Appleinsider function| pgAddReadMore undefined| error object| vanilla string| host_base_url function| onMessage function| checkHash function| stripParam function| processMessage function| scrollPosition function| setHeight function| vanillaUrl boolean| vanilla_lazy_load function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| google_tag_data object| gaplugins object| gaGlobal object| gaData boolean| apstagLOADED function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter undefined| google_measure_js_timing boolean| CE_USER_SCRIPT object| CE2 string| CE_USER_DATA_URL string| CE_USER_COMMON_SCRIPT_URL object| CE2BH string| __INDIVIDUAL_ONE_VERSION_ev-store_ENFORCE_SINGLETON undefined| __INDIVIDUAL_ONE_VERSION_ev-store object| paramMatch object| viewPortSize object| debugIp object| debugId number| sekindoDisplayedPlacement function| constructsekindoParent940 boolean| sekindoFlowingPlayerOn object| googleToken object| googleIMState function| processGoogleToken number| __google_ad_urls_id number| google_unique_id object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| e9PageData object| google_reactive_ads_global_state object| google_ad_modifications number| google_global_correlator object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms object| google_image_requests

20 Cookies

Domain/Path Name / Value
.rubiconproject.com/ Name: audit
Value: 1|pA76Y4s9n4wbd/k6C4pS0gPxt9vVRu/XloKlLUrIR496eP0zD2PV8PrfmuF1j5WFpeYW9Hk7QHUwHTRO1/p4iG+SaIEDnvuIGsWXjmLQ3PdOZm3JxukpuWzUKoox0yO4WKa8OeX7y7YqzSYLy8CFWL2UUgrhtPmiI/PfBjp7gqT9HsXPn9CGbQ==
.doubleclick.net/ Name: IDE
Value: AHWqTUm0w--zqf8r_gksr2YPZqqOx5wRpF8ByWUGlGH7yp9qZONZDMhg5gwUzVuoDrA
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B9E94611-B518-4093-9068-52E41FFE3482
.rubiconproject.com/ Name: khaos
Value: KMGUQSUL-1G-8NZJ
.pubmatic.com/ Name: KRTBCOOKIE_218
Value: 22978-YFUgZwAAAGV9fyrK&KRTB&23194-YFUgZwAAAGV9fyrK&KRTB&23209-YFUgZwAAAGV9fyrK&KRTB&23244-YFUgZwAAAGV9fyrK
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-3127976995046796571
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-d3a1162b-2e29-4341-84f9-dd4918d40629
.pubmatic.com/ Name: PugT
Value: 1616191592
.pubmatic.com/ Name: KRTBCOOKIE_377
Value: 6810-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&22918-88dee563-8bf1-42ea-b937-d2c41c2c14dd&KRTB&23031-88dee563-8bf1-42ea-b937-d2c41c2c14dd
.pubmatic.com/ Name: SPugT
Value: 1616191591
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-2594586110779443962
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-6941490031714564249
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 16514-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&22987-CAESEMWZ7hjsbc6Y5hPDmqbyYms&KRTB&23025-CAESEMWZ7hjsbc6Y5hPDmqbyYms
.pubmatic.com/ Name: PUBMDCID
Value: 3
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-557150446999398645&KRTB&23263-557150446999398645
.pubmatic.com/ Name: KRTBCOOKIE_188
Value: 3189-c5080193-0f7d-41c9-8f4f-17e46381293a-60552067-4348
.pubmatic.com/ Name: KRTBCOOKIE_27
Value: 16735-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&16736-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23019-uid:46816055-2066-4100-a82a-a4a0b1d39bfa&KRTB&23114-uid:46816055-2066-4100-a82a-a4a0b1d39bfa
.tribalfusion.com/ Name: ANON_ID
Value: amntPKy4ZawEBA9MAJT79DcIpUyqyNrW4eQ2d2E7EZdBPYk1ZaxAodo2kFMB2s9mFfZagiWYsL4quolDnltcMcJUQGQGjLC2
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-8470772502363522023
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&19420-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie&KRTB&22979-uazix72s4cai_rSWuar6xbf_58aipeXKvv1lc4ie

1 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10)
Message:
Powered by AMP ⚡ HTML – Version 2101070013000 https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2892341250670811&output=html&h=250&slotname=3169902014&adk=332698300&adf=432074505&pi=t.ma~as.3169902014&w=300&psa=0&format=300x250&url=https%3A%2F%2Fappleinsider.com%2Farticles%2F21%2F02%2F26%2Fhacker-allegedly-posed-as-apple-support-to-scam-user-out-of-1500&ea=0&flash=0&wgl=1&dt=1616191587262&bpp=2&bdt=595&idt=66&shv=r20210316&cbv=r20190131&ptt=9&saldr=aa&cookie=ID%3D6ddf312c3325c223-224230e9d5ba0063%3AT%3D1616191585%3AS%3DALNI_MZvLbSGq7W1MgXCMdujphbmx0XEcA&correlator=6820821975866&frm=23&ife=4&pv=1&ga_vid=1305290599.1616191587&ga_sid=1616191587&ga_hid=380335203&ga_fc=0&nhd=1&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=1103&ady=1960&biw=1600&bih=1200&isw=300&ish=250&ifk=2566836725&scr_x=0&scr_y=0&eid=44735931%2C44739387&oid=3&pvsid=2386061136761195&rx=0&eae=2&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C300%2C250&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=8196&bc=31&ifi=1&uci=1.5t0m5vyp89u8&btvi=1&fsb=1&dtd=73

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

7248aea1662551ce2c5b3fc70bfff856.safeframe.googlesyndication.com
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
ad.turn.com
ads.adaptv.advertising.com
ads.playground.xyz
ads.programattik.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
adservice.google.de
ag.innovid.com
amazon-tam-match.dotomi.com
ap.lijit.com
appleinsider.com
aud.pubmatic.com
beacon.krxd.net
biddr.brealtime.com
c.amazon-adsystem.com
c1.adform.net
cd8ba0b44a15c10065fd-24461f391e20b7336331d5789078af53.ssl.cf1.rackcdn.com
cdn.ampproject.org
cm.g.doubleclick.net
cms.quantserve.com
csi.gstatic.com
csync.loopme.me
d.agkn.com
d5p.de17a.com
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
e1.emxdgt.com
emxhb.emxdgt.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
forums.appleinsider.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb.emxdgt.com
ib.adnxs.com
id.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
live.sekindo.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
photos5.appleinsider.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.a-mo.net
public-prod-dspcookiematching.dmxleo.com
pubmatic-match.dotomi.com
rtb-csync.smartadserver.com
rules.quantcount.com
s.tribalfusion.com
s0.2mdn.net
script.crazyegg.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tags.bluekai.com
tags.expo9.exponential.com
token.rubiconproject.com
tpc.googlesyndication.com
u.openx.net
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
vanillicon.com
video.sekindo.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
104.108.41.56
104.108.50.124
104.17.120.107
116.202.114.114
13.226.158.204
136.144.59.88
142.250.185.194
142.250.185.98
142.250.186.162
151.101.114.49
159.253.128.188
178.250.0.163
178.62.202.251
18.194.215.242
18.195.155.181
18.196.104.43
184.30.20.141
184.30.20.198
184.30.20.241
185.220.204.220
185.29.133.52
185.64.189.110
185.64.189.114
185.64.189.115
185.64.189.249
185.64.190.80
185.86.139.115
185.94.180.126
2001:678:cb4:bbbb::11
213.155.156.166
216.52.2.30
23.210.250.154
2600:9000:2182:a00:6:44e3:f8c0:93a1
2606:4700:10::ac43:db6
2606:4700:20::6818:1259
2606:4700:20::ac43:529a
2606:4700:7::a29f:804f
2606:4700::6812:417
2606:4700::6812:c05
2606:4700::6813:9408
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7001
2a00:1450:4001:800::2002
2a00:1450:4001:800::2003
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:811::2003
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::2006
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:400f:806::2003
2a02:fa8:8806:12::1400
2a02:fa8:8806:16::1400
2a05:d01c:1d8:8102:73b:46ad:270f:ab37
3.120.24.152
3.126.56.137
34.120.25.144
34.252.7.224
34.98.107.212
34.98.67.61
35.156.153.71
35.201.96.126
35.210.215.44
35.244.159.8
35.244.174.68
37.157.2.238
37.252.172.45
45.83.41.102
52.214.43.215
52.214.70.9
52.58.248.2
52.58.45.227
52.95.116.38
54.149.211.134
54.89.230.82
66.155.71.25
69.173.144.138
69.173.144.165
77.243.60.138
85.114.159.118
0219ec7b047e58c70c8bfd4d780e7b992db12ec7156f9eec2581833468c88eaf
0414d0221112224b4c926de91a6e316f9d9aba685aa8b05fd0654848d8fcdf55
04b953285b103f08ba891095d67355a7f0e583f36d29270f23f82fe64ecfd241
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
088ad1b8f9db6e1ec5989a83190722ac4bb61fd5e0c6ffe25207a616dd556122
08dd0433dcfd7d8a38f55bf918be2132c881de283c98b4b3c09bf32da9ebb40e
0965d7aef99ff8aa80d1b807e0065dfc11611347233cc4e9343a62511785a1dd
0a45f9257ce66c3f408315f90a7356df06a46b435a83490ff451d7cd616aeaae
0acb459554350c07d3a53593364def0548abeeb66090906c65348c85ccfe4e73
0b1f6bfe4f72c20bff3541757537727990fd11d721e8ee3425bdf9fd22c77fcb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba5f0c45ee16ec16f40458857f751ca84a7a59a3822c05838d8aa0961546538
0cc4a20268cb6c7f0d9385354e7d7889e28302e738956d7c1f5409876fd1b535
0db4c4e8b18f8b97a2e31c6c9a73165c0aa88ef219b33bb4bc59fc633fba9aa8
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1001ad98e4c727c3d83184a9fa50f1cca34b4ee53db28be1ec3499f8305f3783
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
14d2d52dd8df09e70e35011b01d91866465f6e85ae1e2e987e35e9f32546dcca
15093aaa254c019f5aefbdc893bdadc642353383ca96faff9fb2cf8b5a2d19da
153cf98de2d8701822c7f158b379f27a10c6fdc3204e473ef6ec42b80148fa87
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
15598aea972a7707b479b9b8ac8a207e7423daf56e8d81fb67573008ada1cf9e
16d7d7227f6d8251224d32cd45c81633a3a9d63bf35cd84b1d99d389becb5030
17565a491218a944b9fb0c65db937fb812438ccfde843992a25dbea94d7e42ae
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
191039253fec46a4b0f43f37b44fe35e7812485f61049c14a2258682764ebcf7
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
1cfa4722d859ed9c23c266c38ff695c42c58ab322ac295f71a555c060ddbf3f2
1d572a9c421a1310ff8d40a62d9bdb3a783ba11b9fe0af4d99f48aad9ead81f8
2031270ae2c3fd43730a1f6f7312aa3493762d71bc5e8fe4682796dce73a8eb6
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
237e58d4929062172ba4faa1a73496b655c51f55e5f2f4e3442354555acb18ed
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
25b4e8175ad31491c6935d4581f1b529280bae31b512d56c51be98bc853d6763
26177f6f8267d81b44f39af5aacbd7aecd500a42d6edf0bde63ffcb8271efd1e
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
2ba791631934e793b9b3e99d3dc1359dcfe6dd228bf9ea807b8e89b7529f9ba6
2d8e6467a538ec3bbbd5836494f51dbf5df8565565bfc76075879fc3fb23cdae
2ef81a01b04a5daa160e0d3a765e5d78d21b112290534b76b0c4ab0fc25ecdc7
329059d559fdef07b7854e9550433cf721a2301c3279b96d5c04f32477fbb63b
33f27c7731513756192c4608d743e9af6697383a1c1ab9a7c3a55d327397412f
3477e8fe3b7becd59943c9497c9a6cdcb7768f59f5c0bba0bcf981c923b25c6b
34d7002be9cf6b6e6d901d7c836ddafe1faf456c54ae2601f3b64880ab4e72b7
35935208cd992c0ffa52a07a5e5c4df5c02a09a3c42d46e545b7db01927249b9
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3787e2f283651744e0b93d1fefb5936c7af26db8014c0def6651d050c56dd47e
37e4caae3508151d00a12bf57c48b7b6d430df206af4e3795e7e6c09a7ba2f1b
3aa6a293efb52fe8918829133d2af070fcd229f4637d2777a060c6d2f4239cc0
3c4535133ea6e5808fcca93c262aed87c8220ddc98677fed0e29ef6b78c872ba
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ef5caae394f3fcd94539da9c82807ea6dbb931f617a93c17644819a4a3bb2dd
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4087993f59427f316b2ec698bb70e247b2f16b7ce4d3be31a0229077cf2a475d
40e4ca785fbdd235ed59f15be7fb71c733d8dec51a75b5ff53943466e6376e3e
4140061ee9197acfbc4003459d37f5d28477f7d6a9b2bc98f8ceae15f89ccab0
447765f6779c5a5fcba99af3ee04bf05044848693b782acd7e23993480a2afad
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
488c82e054918ebc7cabbde48002abd5ca827a764da1f91204733a2c9a61e12c
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
48c978eaee9473c367fd30eea148b6cd5233e58a317a36157c24e5dd2af62a97
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4c559e3b5e990b0762f9b274e68a0187b0a2d7c46951990a0e10fe29d9c4069c
4d8b9a9fe89f8131a3d5eb0b75ed5a577b849110708e05bf0f8106a56f5bd741
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f7cd55655bafca4db9b67255125ed52cd91d21b1727e9f28f71219aa1341de5
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5226a6ccbc50919e0dd5cc105b4373dd44872961f683346c9220a582eb2630e8
52ebcb2fd0e6862e1a58e1141685948d809d9b169fb7b44d3dcaf864b83c6cdc
531b890931ea5ac440e5d7aa3895a538f6cf7f65f6d632981e17e25ddf986fed
5364076cfe1c869d31b110dd1714ab0b434eb2d804098f2c072ce051e58b221a
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
570c04b30a5c8fa6ceaff96ea6d3a0dfabd85dee3edae40e38b0344a7278f254
57f33276aa42452582360f95e8da719a1989daa6fcab143638a61e88f03b615a
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5c6abf5e7d05586effaa873a2a17d18a666cfa627ab6cdb9c987c29d5534cc59
5c7a760f8ea5ef5075d96014853297393af02e312a4c61c53ac005136c819283
60f05d358e0777fa5948d114025fac40231d57ee6e877d44c3629518927a5091
6126f659fda95d8b8e4aa98fa249da5f56d78f108ace1807d18593645e6a3dfa
62cfe66953f23f1199ecf39301c83f0e7665967adb41e7527b01c83be3ac6a2d
6321149c49d5453da9ad7651320ea17aa201b2c1a659c9f55f69ea26e3cdb6ef
63a436d969f5f8d75c86eb170098bb02d8cbd03f7c596b6b2b66124d7083ff39
65e1a28296d03f9a90d276fb38f293db5401bb2960c5ed583aba405563a3353f
6661d6dc1d39eb18523862313f826916e67f6b32fbb34b124184da4921f5fe49
6870a4e15d2e7022e0be24c3851da9993b67a5176cfe7165e0e7272a68ca133d
6cd9efafa48604ac9ccf5be48ae6a2bc7217372a798bed3b591779a2a0732579
70d82c6075989e0082b4917c6685f5f6bec1e673d0a80160eac61b3f1cdcb1a1
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73b493c2b38c4c504a07946b51afcb29b5c57e39c07fcedcd9bef5cf036f01da
745e2282f1169eb555e5be229507f9045de9c4f6af5bd76d7fa77847b4863b1c
749aa04b7f357665b2c6e9135fc4774883e0d0d1774d99fbaa02fdce0bf02fd1
760943c5458d877bf9b8cb655c079df027c5f4d0814a7d39968101bbd5d36016
76102878c1198de858725194952ba1c6b35bdee0f870cc6a124e93d17385e64e
761f2b9137be3867352770b228e71a0bdd5f47c31237395213e0b9d7d4f7756c
765c7a04d561aae76c8dba4449ab5cd34136afda5749d06db3279779ad3f4059
76de05ef38c3493027e88617f808b48e1683e54a4e2989862d1afc85933f01eb
77b8d327de844bfaab4618c424bbe957523752f31633058281e9204a47e0d414
78dbc9cd19dd5259ac28d72cb3d37a550984ea3193f0c8a6d069d21e0431dd3f
79e1a87df94f3cdc2c6942636750f5093ad5e96e980fc63bf6d62e87a4780561
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81b73c8b3cc1d3951cf7404d0f1206e8f802e483a32ed8d89b02af6f2f4e0107
8220d81d935da596097a07d0b0fb1152c7ab8367345ea4e59746890096b07761
8370fc202af542c0ecc594e4da76c3c603857fc1c6ee98fbcae83b370c4727e7
840dda9350b05523e4b89181044ead329a29421b30ebca38812d73ebc9d5b290
849218b5e3074469cfb7a5af5e80ec8916f16ab5b83448df8b348e102ca8ca70
84e9bce65c4414c9570abb9e2ebcc04eb5c0a5dafbde5887f50458298d3dac03
8687e90791df4582658ad44eb7a20b332e8593811f9ae96d5b1a37b6086953ce
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
86cef609c85d2c2ce6a507af54e77a9c150e2fa408043e1454082614c4b0ce2b
875b95ebe5108bd2cd6a65e4b7634ea2349d423188716a9169a4c75a6d6f18e4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a1ea0e81bde6e9742dfa4366d766b6a7d5c1bcea45776e6f9bce1f3c40bcc64
8a618ba4c932510f5eada2df0d46557e914c254380831688bf36f5e43f10f2ab
8b087d701da74f3300ebac7597c74681ed9e9e03c0635517c52463f958d64d5f
8bbdfbf5803af9dbb2c970b18bf01291b038f6549f44bbca7d86e7cae4ee5507
8bc74e6e7162be3b24e66a45c1b8394dca58ffa02cda223dc7a47f95357c829a
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9253810d1bec934a4f882c5f0023d4728b7c4f188face11cef590230d4763eb8
941c260356b6aa75782a27384179a63581c9e41b42155774982f36b0d84cde9c
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a9b45c0ca49b03d148d40405cc2d81602e647ad078b12aca5902efdd60535c6
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af11e9250e89490528ec7ebd34b5b3f9aabb217409251700349924b446d426f
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a068ed9e2b725182be730cf4615e366cdf43ff33a01d018c3a73bfcbe4c2e831
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a19eee4cfdca0add988805524f0c339406fba42291d46982b03933fb65fbe97d
a1c9daffa7c687103de5918335c011196f0c7f6c136996f1e73d2bbc76624006
a3023508b88d3a78447bfbc530364b51d090ec6c9dec0577fe3e5792a9446c0d
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b238a114d6b3927bbce04f21463ad293517b32674e90e81f0f9f7fcaf12b16
a66b22a30f49218c29ce4dc5c69ee665cd8eff6ca3da8e45febfcf296b146642
a6fcb160686a9f95ed8f2709c613e4edf551d759734a4eac9406473285f4eb55
a7ca1e762fafb354a5eb894c613b964f135a23fffec363e43386f07dc457ed5e
a802db4ddb49c167fccfb0314a37d3a645d2741bd4c25371f5bce66dadb3db31
ac3582c00c3a13a4157cd7a5403f119215308c21266c2b8adad49f1a548ab414
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
aecc2be0ad7b8c706927a1856b0a171e832decaef5e337609357d64fb2ee74a3
aed9fe2b609631c6841e9319489de8c42a054b5e8fb8c39352d27ca8d166943a
af4e8aaef5ec46cd2f63b641d34fecd3acbc73b3b15aad726a6350ac3381f9ec
b07bd6568b3e77539af2d0279bf4f3796424a97efee11a1d53ff702c5ae95373
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33a285ba101f6414c3ab0033391f4c9ea8b8c74fa31272d39c95b806cfb7d42
b3d2a5e0adda124add8f8d7d4b040b2413a75e0fcd47f29482db86a0b87c6f5e
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
b73974e03f8b91aac7c1c821d0db3365903643ad36608216be96b9a8ed0d70bc
bbdd41d6d0842c77e915bb82eaf0ccc343538e010238fdfe0e0bcbcfa840e988
bc0d00bf52fe78da5f3063118cb3cf355785cdb37f78f75c07cd590a9bc20934
bcac4d62c8c5688db1aed2bc7461df4e0c8db673fb204efb2bb64ba48a22d79d
be982910788270ab48b30d36a318a2d588bdfb542b55721a15470c313ee7e6cf
befc61b78e3323ca219ba3e9e088eb78cc30e30a8b5aa226f1fdefc9ccd7b326
bf1ee0fcbc592d8fdae64f59ec2c10c497f9722193dab57f4c001c3b5072dcd1
c119eb1fefdf0d48b4eddbcb8c30680212e8d59728a0e466d69b8628a7fc2682
c152a166a717e7ebc5878e087bd97a4a056d63c3e8c4c0130bc6b4119b7ad9ef
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c44a3cee011134392959ed4be1308045816649fa1d50207010d9ff40f9b2eb04
c44ef8885a1386dad99986e4de63457883d50b1a966d27b502f37d691d7bd770
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c906f952ff36925693d427252714fde102f7f663f21d97d83b62f250f8d6156d
c9f94366ef7123559757e28fd3a0163ce8678403548505a768b8557ebd1a0c11
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca625f204331905abf3b4d86a89dfb9799c63771723b9b15c5b54c1f9fb2b83c
ca8cd7434534c33d1a91d567b31d06170780d91aa1dcdaa0e7aff6c7ef28e9fb
cacbe8d075be5b96af1d81fa4753efcb5fdf25ae5acfbf8b6fe16fba1197eace
cae7b340613b2a060e0e200528f7e962baa13a44d868036cb2ea02fd7034e6d6
cb61467facf9663317770c8e7283f8d177fef1029a791a2cc5719264e941a03b
cb6259531180fe2e9301486176fda90fcc862e04ce47e525ef23b556e7783677
cc964a9e581ef2b8bd999a51bc96bc8e9f5012a1796dce4fdcd77c5fcb92f23b
cd0bdd24280f8b22eb04178ebcb13bcd3ca6e8556a8de013645984074fd6519a
cd43194795f55e3d871219c1a4059746526a815273a0804dbdb06b62ef4a3de5
cd872851125ba6270e1b3245a3af9817eb638999f3b64345974f150596dca268
ce1ed2e9be8ff9df278edca25d9eb912161fdd5d36e8c9a9fa5394637ffa1455
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d16a0a443fca75e32beb193844badf4022625c4fbda6defa604f8cfb68249588
d19093d19c9677180f389c262f19fc816f3536a42628ecdf3c0b5fce17caae6c
d28aa7a8683ab9aca322b2e19dc2d40d71d0578e389d57146f14da8ae96ca2f5
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d4728ab04d11f6495ca98ef06ac6c2acaf249b0472b0c6cc7d7d31e15de30a87
d534282691b4fc487d5ce2daf030c690f69438fd04f56346da8473a2e07cc018
d538fc0da4c0569e6d9b9f9b6bdcd7753a1e53e4c3a6bd30ae928ff85ef1e87b
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7ba57e3ccc2e3b2bdf8cc9e613194b802607682bf473293c2e3e29de82c9491
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
ddc2a4f78ecebd49ce5ea49157110f4054215e780baa67c9811074e3f09ab23d
ddf12af80a625ffe9674838c7a71a1889961913de377ea143a504ab9ff3f7e73
e0381bf6144d8fc893ff00dc28935e0b600aaae38704b5be266960c520b09036
e17eb4cf197771ccfa5c6a4a7d7ab36a0d99197a8a7a40e30895c6407a6ef419
e1a3d5a75c5be3856a2b41ff77a078ef952465c2d46e3c7d9189fe85a080b9bb
e2d8a3709607ba099cca5f17196a94cf188ba8e97e5e5b1162831292658fad7a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e70f46ce29bc22961327a3240b545cf419346d8c52316f774c7a7b2685914b8e
e722f411cad1153771012623a9a17e3d0ba2bc4b8b7ee1733e891ff1a639fea6
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e8df9eafb05c0b87064966e3f68769b532e0caeadf8723bfdb0d5a0354e76f46
e9e3cb8e0e3c49ad5d2ec238f15f4541f0c9ac788a8658504c1db05502a368f3
ea7d9ca482caf5f3c4c5f27281d5154db2d933c602412b82073bfd956da3c2d3
eb8e0bbc156073718ecca75b1b84ac2d2fa70f7035e31d87eb99ee2e760e79ec
ed0bd5970fead47fd26fc0d0047e5cd509c6714132ea7f35bb44f7c27ee52f30
edcdf3f60252a5987bedc9c86b5422d972ba509bbbe60d58925310c744a33e28
ee09ed289051de96284c56db9ad4ca6f0325707cca78f4b0c3c0daca8b666643
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
eefd3a56fd15759a72dbb2f579e7afd77eae3a881f62533e5454cd24c5b00164
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f098fa8c61bc58c6ae865f2decbb29789a4c4fae617c04fe1ac929da40cc895f
f0defd578dff86cd848a54aced67da9fa9345d7fdb8111c472c9992b24da3d72
f24bd9007a64984a1fac394d0ed07ecdf282d143fb22cc331bb2fa8b0a12fd91
f571817942f4304a56e8b8b77d38e73f619f50d0709875e03cd076520cec55f3
f8662e8699404832e3a07ef1cfdba7901823be6a87b190ae0b93d0da68de6ad2
f9f11198f0ab7cfd020549a59766b4679b32cc8abda972f04100388e77df1d1b
facdac93f2611a381e216862be3c314c5e9a07f741cb91afcc31a67646dfaf96
fae99115f3157b9b3dbca9ebdbf689d7d8b790de1b18f9f7bc2371059bcbfb51
fd30a4edcb1669898c389ea6591911eb61caca46f1a52c7d1442ac44a4db1fb7
fe185d11a49676890d47bb783312a0cda5a44c4039214094e7957b4c040ef11c