www.kiro7.com Open in urlscan Pro
2.16.187.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemploymen...
Submission: On August 03 via automatic, source phishtank (August 3rd 2020, 4:44:31 pm UTC)

Summary HTTP 194 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 53 IPs in 8 countries across 42 domains to perform 194 HTTP transactions. The main IP is 2.16.187.51, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.kiro7.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2020. Valid for: 3 months.

This is the only time www.kiro7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2.16.187.51 2.16.187.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:b600:a:588b:e680:93a1	16509 (AMAZON-02) (AMAZON-02)
5	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
1	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:196::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
10	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	52.9.74.36 52.9.74.36	16509 (AMAZON-02) (AMAZON-02)
12	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:181::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	172.217.21.226 172.217.21.226	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:ac00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:4ea5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.45.140.238 52.45.140.238	14618 (AMAZON-AES) (AMAZON-AES)
2 6	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1 6	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE)
15	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:1e00:16:b34:fdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	151.101.13.181 151.101.13.181	54113 (FASTLY) (FASTLY)
1	23.210.248.65 23.210.248.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:817::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	54.85.197.32 54.85.197.32	14618 (AMAZON-AES) (AMAZON-AES)
1	64.202.112.191 64.202.112.191	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
5	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
3	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
3	213.19.162.21 213.19.162.21	3356 (LEVEL3) (LEVEL3)
3 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:816::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
1	13.89.172.6 13.89.172.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
15	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	3.128.54.90 3.128.54.90	16509 (AMAZON-02) (AMAZON-02)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.224.194.68 13.224.194.68	16509 (AMAZON-02) (AMAZON-02)
1	18.204.98.179 18.204.98.179	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:193::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	15.188.154.177 15.188.154.177	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
194	53

25 2.16.187.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-187-51.deploy.static.akamaitechnologies.com

www.kiro7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:b600:a:588b:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)

membercenter-sdk.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:196::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.9.74.36 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-74-36.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:181::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:818::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.21.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:ac00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:4ea5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.45.140.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-140-238.compute-1.amazonaws.com

pr.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.108.64.33 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:1e00:16:b34:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

member-center-api.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.65 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-65.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:817::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.85.197.32 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-197-32.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.191 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.220.242 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.21 (United Kingdom)

ASN3356 (LEVEL3, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

coxmediagroup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.89.172.6 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.128.54.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-128-54-90.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.194.68 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-194-68.fra2.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.204.98.179 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-204-98-179.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:193::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets-green.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.154.177 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

twcimaxweb.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

685b3919.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com am-match.taboola.com am-vid-events.taboola.com imprammp.taboola.com	935 KB
25	kiro7.com 1 redirects www.kiro7.com	597 KB
18	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	202 KB
17	googlesyndication.com 2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com	156 KB
9	openx.net 3 redirects coxmediagroup-d.openx.net eu-u.openx.net	2 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
6	googletagservices.com www.googletagservices.com	142 KB
5	fastly.net includemodal.global.ssl.fastly.net confiant-integrations.global.ssl.fastly.net	147 KB
5	google.com 2 redirects adservice.google.com www.google.com	2 KB
5	google.de adservice.google.de www.google.de	2 KB
5	realvu.net pr.realvu.net	74 KB
5	lightboxcdn.com www.lightboxcdn.com	125 KB
4	casalemedia.com as-sec.casalemedia.com	4 KB
4	fontawesome.com use.fontawesome.com	151 KB
3	rubiconproject.com fastlane.rubiconproject.com	5 KB
3	adnxs.com ib.adnxs.com	2 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	32 KB
3	facebook.net connect.facebook.net	177 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	cmg.com membercenter-sdk.cmg.com member-center-api.cmg.com	487 KB
2	2o7.net 1 redirects twcimaxweb.112.2o7.net	557 B
2	includemodal.com includemodal.com	264 B
2	facebook.com www.facebook.com	483 B
2	chartbeat.net ping.chartbeat.net	336 B
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	744 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	googleadservices.com www.googleadservices.com	13 KB
2	google-analytics.com 1 redirects www.google-analytics.com	19 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	postrelease.com jadserve.postrelease.com	2 KB
2	weather.com widgets.media.weather.com widgets-green.media.weather.com	116 KB
1	akstat.io 685b3919.akstat.io	354 B
1	indexww.com js-sec.indexww.com
1	servenobid.com ads.servenobid.com Failed public.servenobid.com
1	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com
1	azurewebsites.net lightboxapi.azurewebsites.net	780 B
1	outbrain.com widgets.outbrain.com	47 KB
1	googletagmanager.com www.googletagmanager.com	50 KB
1	ntv.io s.ntv.io	96 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	smartadserver.com Failed prg.smartadserver.com Failed
194	42

	Domain	Requested by
25	www.kiro7.com	1 redirects www.kiro7.com
15	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.kiro7.com
14	images.taboola.com	www.kiro7.com
10	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	cdn.taboola.com	www.kiro7.com cdn.taboola.com connect.facebook.net
6	eu-u.openx.net	3 redirects www.kiro7.com
6	sb.scorecardresearch.com	2 redirects www.kiro7.com cdn.taboola.com www.googletagmanager.com
6	www.googletagservices.com	www.kiro7.com securepubads.g.doubleclick.net pr.realvu.net
5	pagead2.googlesyndication.com	www.kiro7.com securepubads.g.doubleclick.net
5	pr.realvu.net	www.googletagmanager.com pr.realvu.net
5	www.lightboxcdn.com	www.kiro7.com www.lightboxcdn.com
5	c.amazon-adsystem.com	www.kiro7.com c.amazon-adsystem.com
4	as-sec.casalemedia.com	www.kiro7.com pr.realvu.net
4	www.google.com	2 redirects www.kiro7.com securepubads.g.doubleclick.net
4	use.fontawesome.com	www.kiro7.com
3	confiant-integrations.global.ssl.fastly.net	pr.realvu.net confiant-integrations.global.ssl.fastly.net
3	coxmediagroup-d.openx.net	www.kiro7.com
3	fastlane.rubiconproject.com	www.kiro7.com
3	ib.adnxs.com	www.kiro7.com
3	trc.taboola.com	cdn.taboola.com www.kiro7.com
3	www.google.de	www.kiro7.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.gstatic.com	www.kiro7.com
2	twcimaxweb.112.2o7.net	1 redirects
2	am-match.taboola.com	vidstat.taboola.com
2	includemodal.com	www.kiro7.com
2	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	www.facebook.com	www.kiro7.com connect.facebook.net
2	ping.chartbeat.net	www.kiro7.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	adservice.google.de	www.googletagservices.com
2	static.chartbeat.com	www.kiro7.com www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	jadserve.postrelease.com	s.ntv.io www.kiro7.com
2	membercenter-sdk.cmg.com	www.kiro7.com membercenter-sdk.cmg.com
1	685b3919.akstat.io	s.go-mpulse.net
1	widgets-green.media.weather.com	widgets.media.weather.com
1	public.servenobid.com	pr.realvu.net
1	ads.pubmatic.com	pr.realvu.net
1	js-sec.indexww.com	pr.realvu.net
1	198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	imprammp.taboola.com	www.kiro7.com
1	am-vid-events.taboola.com	www.kiro7.com
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	c.go-mpulse.net	s.go-mpulse.net
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	mab.chartbeat.com	static.chartbeat.com
1	log.outbrainimg.com	widgets.outbrain.com
1	stats.g.doubleclick.net	1 redirects
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	member-center-api.cmg.com	membercenter-sdk.cmg.com
1	adservice.google.com	www.googletagservices.com
1	s.go-mpulse.net	www.kiro7.com
1	widgets.media.weather.com	www.kiro7.com
1	widgets.outbrain.com	www.kiro7.com
1	www.googletagmanager.com	www.kiro7.com
1	s.ntv.io	www.kiro7.com
1	fonts.googleapis.com	www.kiro7.com
0	ads.servenobid.com Failed	pr.realvu.net
0	hbopenbid.pubmatic.com Failed	pr.realvu.net
0	prg.smartadserver.com Failed	pr.realvu.net
194	66

This site contains links to these domains. Also see Links.

Domain
jessejones.com
kiro7apps.com
storm.wnba.com
www.reignfc.com
jobs.coxenterprises.com
publicfiles.fcc.gov
membercenter.kiro7.com
www.agari.com
plarium.com
popup.taboola.com
jackpot.de
om.forgeofempires.com
investmentguru.com
ejnql.com
totalbattle.com
taongafarm.com
rfvtgb.doithouses.com
wlvvo.com
rfvtgb.learnitwise.com
www.appurse.com
www.coxmediagroup.com
cmg.jobs.net

Subject Issuer	Validity	Valid
cmg.cdn.arcpublishing.com Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
cmg.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.weather.com DigiCert Secure Site ECC CA-1	`2020-03-12` - `2021-03-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-19` - `2020-11-25`	6 months	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-13` - `2021-04-24`	10 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2020-06-24` - `2021-02-17`	8 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
includemodal.com Amazon	`2019-12-13` - `2021-01-13`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.servenobid.com Amazon	`2020-04-06` - `2021-05-06`	a year	crt.sh
*.112.2o7.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2021-04-27`	2 years	crt.sh

This page contains 19 frames:

Primary Page: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Frame ID: 82B6FA5B2F548C59E6E52C1C035A0D91
Requests: 145 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Frame ID: E5652721300073A86B97D43A146E1B9E
Requests: 2 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Frame ID: B0957FFC887AA7DC17D92042DEB0AEE8
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: D751CB85DF0066EE1B4A0B3F2B5ACAE6
Requests: 9 HTTP requests in this frame

Frame: https://membercenter-sdk.cmg.com/sdk/hub.html
Frame ID: A66A633CEC6492FB14E9D62D2DF6FC94
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 44D1515FB9AF3F49011D3632E9B7E16E
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 9B8EC005B3BE80B669F71F4D4457643E
Requests: 9 HTTP requests in this frame

Frame: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Frame ID: 4EBD1B59728BEE28831887E50CE4AE44
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuysQWREO__fehh4A9IyB6AN8kITHZFLxYZ2juuojwwTeTqqBFud-w8u2T82cgkz1Tb3UDH2vg4SlkW6z97zBl3Mj6HEzH-3hB91PRtS3Vkn5EZSPzjvP5i7suiB3zpgEmk-sOZN1T5YiDH-9Vl9Y27wC1ZF67Redz2pVLBXyzy9qhtKoQ7tHab7jugZLNUDlLW1J-2jpBbEu1pzEALGOxltBA4vzIgPnDNp78BE8CCzvCXvKPQzTsTf2uoeOGpUjl_ezu_8bbE&sig=Cg0ArKJSzNRaUxCwpCwwEAE&urlfix=1&adurl=
Frame ID: 4349872E696EE8B3ED8F0DD678968239
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 7D96BCE89152187606A0B8A230046126
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEa3oE-hXMKMsmH6ZOuoez3xS8iRSo4TjOfMMNLDbovMZz2RJsNWdc_sJWcTV8LMSXco1ni4XRyyXBBikJk_nM97lhoSP1jHdHIEzFbULBsKuXuWmI1A1PNRyC7Y1DFKNvfE2h6I7H0SEyVIA135cp1h1QqLzIO1G-2aRwB-Gn4If-0c45vMxR2OUwQgrUfYwcFmcDGtHAnkQGppNUF8M0JM5F-ESDBnIHWQT_lxujQiyZfSPNwxkAfYwM45dA8Uqo3_S7thE&sig=Cg0ArKJSzBEvz4_sk_mHEAE&urlfix=1&adurl=
Frame ID: 023E2EF66BB549DBDD8A8D14C389E9DB
Requests: 2 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: 40FE4F96AC5D8CC06ED59972E48EEC07
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: B76E319B4F15AF94CE3B1C76C778C13E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: 6022C30E1E64AE05C98E31989317DD3F
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 0E97FC45A9F2FF6055CF6F1751CC9F41
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 7B0FB4B7F611FB90C300DF1EA2A7715C
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 9814880866BBD24A8C7A478DF5C4F761
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 9F68003701F4FA7B08D47FEFA639E26A
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 47DFDB8AE8D29EDC9A8EEC6CFE44C062
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Lightbox (JavaScript Libraries) Expand

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

194
Requests

96 %
HTTPS

43 %
IPv6

42
Domains

66
Subdomains

53
IPs

8
Countries

3732 kB
Transfer

11136 kB
Size

3
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://jessejones.com/
Title: Jesse Jones

Search URL Search Domain Scan URL

URL: https://kiro7apps.com/
Title: KIRO 7 Apps

Search URL Search Domain Scan URL

URL: https://storm.wnba.com/news/
Title: Seattle Storm

Search URL Search Domain Scan URL

URL: https://www.reignfc.com/#news
Title: Seattle Reign FC

Search URL Search Domain Scan URL

URL: https://jobs.coxenterprises.com/Businesses/Cox-Media-Group?prefilters=none&CloudSearchLocation=none
Title: Jobs with KIRO 7

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv
Title: KIRO 7 Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/13c34945-0d96-22eb-dfe4-c48013168eea/
Title: KIRO 7 FCC EEO Report

Search URL Search Domain Scan URL

URL: https://membercenter.kiro7.com/newsletters
Title: Newsletter Sign-up

Search URL Search Domain Scan URL

URL: https://jessejones.com/scammers-swoop-in-swipe-washington-unemployment-benefits/
Title: impostor fraud

Search URL Search Domain Scan URL

URL: https://www.agari.com/email-security-blog/covid-19-unemployment-fraud-cares-act/
Title: Scattered Canary

Search URL Search Domain Scan URL

URL: https://jessejones.com/victims-of-unemployment-fraud-have-assets-frozen-by-bank/
Title: Victims of unemployment fraud have assets frozen by bank

Search URL Search Domain Scan URL

URL: https://jessejones.com/impostor-fraud-continues-seattle-mans-information-used-to-apply-for-unemployment-benefits-in-three-states/
Title: Impostor fraud continues: Seattle man's information used to apply for unemployment benefits in three states

Search URL Search Domain Scan URL

URL: https://jessejones.com/at-least-55000-people-in-washington-wait-for-unemployment-decisions/
Title: At least 55,000 people in Washington wait for unemployment decisions

Search URL Search Domain Scan URL

URL: https://jessejones.com/delays-denials-as-coronavirus-fuels-demand-for-unemployment-benefits/
Title: Delays, denials as Coronavirus fuels demand for unemployment benefits

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/vikings/encyclopedia_f001_a?publisherID=2883407970&placement=cox-kiro-tv&click_Id=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCD4rkE&adpartnerset=452213&plid=128923&pxl=taboola_fr#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCD4rkE
Title: Vikings: Gratis Online Spiel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://jackpot.de/lp/merkurslots1x1r1f1b0a0e0/?aid=tbl-ch&utm_source=cox-kiro-tv&utm_medium=native&utm_campaign=Jackpot.de-CH-Desktop-Merkur-LP-SmartBid&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6e2051ea622795551a62636cb64d9a06.jpg&utm_term=2858172952&tblci=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCG1UY#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCG1UY
Title: Jackpot.de - Social Casino

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=2896555037&pid=cox-kiro-tv&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0aaf5560c4837bf0ccdfc65ee9dea847.jpeg&tblci=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDJqD8#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDJqD8
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/vikings/encyclopedia_f002_prelp001?publisherID=278415889&placement=cox-kiro-tv&click_Id=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCD4rkE&adpartnerset=452213&plid=128923&pxl=taboola_fr#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCD4rkE
Title: Vikings: Gratis Online Spiel

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-a-2x1:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://investmentguru.com/trending/meet-better-halves-successful-celebrities/?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=4731917&utm_term=At+75%2C++Tom+Selleck+And+His+Partner+Are+Still+Together&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fde021fd53a2d06a480422fcbd701322d.jpg
Title: InvestmentGuru

Search URL Search Domain Scan URL

URL: http://ejnql.com/cid/2a27dd44-099d-4e01-a9be-b3a186cd96be?campaignid=5231024&site=cox-kiro-tv&thumbnail=http%3A%2F%2Fejnql.com%2Fcontent%2F40c8ef90-07c7-487a-84df-63d93500c1a4.jpg&title=So+wenig+kosten+Zahnimplantat+in+Zollikofen+wirklich&timestamp=2020-08-03+16%3A43%3A57&platform=Desktop&campaignitemid=2910375104#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDlok0
Title: Implantat Zahn Kosten | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://totalbattle.com/en/lp/city9alike2_webgl_dark_po_2/3?adgp=ads&prtr=taboola&acc=main&adsite=cox-kiro-tv&cpn=4382244&iid=2895272168&clickid=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCakUM#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCakUM
Title: Total Battle: Tactical War Game

Search URL Search Domain Scan URL

URL: https://taongafarm.com/de/landings/gp/25?ref=W_010520_CH_Click_Image&mng=VK&utm_source=taboola&utm_term=1017953_cox-kiro-tv&utm_content=2905250078#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDJpEc
Title: Taonga: Die tropische Farm

Search URL Search Domain Scan URL

URL: https://totalbattle.com/en/lp/parallax1_webgl_dark_po_2/3?adgp=ads&prtr=taboola&acc=main&adsite=cox-kiro-tv&cpn=4382244&iid=2895272182&clickid=GiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCakUM#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCCakUM
Title: Total Battle: Tactical War Game

Search URL Search Domain Scan URL

URL: https://rfvtgb.doithouses.com/worldwide/nomake-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-dh-nomake-s-des-3s-03080&utm_term=cox-kiro-tv
Title: Do It Houses

Search URL Search Domain Scan URL

URL: http://wlvvo.com/cid/d088f1c6-2645-45fd-8052-1cf69268c48b?campaignid=5341809&site=cox-kiro-tv&thumbnail=http%3A%2F%2Fwlvvo.com%2Fcontent%2Fab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg&title=So+viel+sollten+Zahnimplantate+in+Zollikofen+kosten&timestamp=2020-08-03+16%3A43%3A57&platform=Desktop&campaignitemid=2912463674#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDlok0
Title: Implantat Zahn Schmerzen | Sponsored Listings

Search URL Search Domain Scan URL

URL: https://rfvtgb.learnitwise.com/worldwide/nomake-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-lw-nomake-s-des-3s-03080&utm_term=cox-kiro-tv
Title: Learn It Wise

Search URL Search Domain Scan URL

URL: https://www.appurse.com/articles/see-what-tiger-woods-ex-looks-like-now.html?utm_source=cox-kiro-tv&utm_medium=taboola&utm_campaign=4044834&utm_content=2887100520#tblciGiB7ToMxI9qSWDm-h5mBfxeTH49FA8Yo_iUzcYzWp0h8pCDe0T8
Title: Appurse

Search URL Search Domain Scan URL

URL: https://www.coxmediagroup.com/
Title: Cox Media Group

Search URL Search Domain Scan URL

URL: https://cmg.jobs.net/
Title: Cox Media Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 59

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=494244444&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ul=en-us&de=UTF-8&dt=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1150563544&gjid=1595793165&cid=105589155.1596473037&tid=UA-69447481-1&_gid=892080592.1596473037&_r=1&gtm=2wg7m1WJW4B46&cd1=tv&cd2=kiro-tv&cd3=wa%3A%20seattle&cd4=core&cd5=news&cd6=responsive%20site&cd7=kiro7.com&cd8=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd9=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&cd10=news&cd11=jesse%20jones&cd12=&cd14=article&cd15=WXYQ2IBHV45AXZSL3LOLK4ZUQM&cd17=202005211745&cd18=20200730918&cd19=&cd20=&cd22=standalone%20page&cd26=arc&cd27=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd29=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&cd48=www.kiro7.com&cd149=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&z=100947741 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_gid=892080592.1596473037&gjid=1595793165&_v=j83&z=100947741 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741&slf_rd=1&random=3459656024

Request Chain 89

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 91

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=zT4oX66nFvqL7_UP28-M-Ak&sscte=1&crd=&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zn0M2oTJYsJQsPHa6CaV6KX0kwWerP00Bw HTTP 302
https://www.google.com/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zT4oX66nFvqL7_UP28-M-Ak&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zmHflzz59NM-70ElLIgBiciOxLu2o_Oasg&random=872104740&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zT4oX66nFvqL7_UP28-M-Ak&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zmHflzz59NM-70ElLIgBiciOxLu2o_Oasg&random=872104740&resp=GooglemKTybQhCsO&ipr=y

Request Chain 97

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t

Request Chain 179

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

Request Chain 180

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

Request Chain 181

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

Request Chain 190

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1 HTTP 302
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

194 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Redirect Chain

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

105 KB
21 KB

190ms
125ms

Document
text/html

2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

f160f126fb44b72a76e11f7b10e6145c0c61be59606f6e9fb79f530612efe82b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.kiro7.com
:scheme: https
:path: /jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: AKA_A2=A
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=UTF-8
server: openresty
pb-rid: rF4EmW1Kh2SsUr
pb-pid: kiro-article
arc-version: __default__
x-akamai-transformed: 9 - 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60
expires: Mon, 03 Aug 2020 16:44:56 GMT
date: Mon, 03 Aug 2020 16:43:56 GMT
content-length: 20310
server-timing: cdn-cache; desc=HIT edge; dur=1
link: <https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://www.googletagmanager.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://widgets.media.weather.com>;rel="preconnect",<https://widgets.outbrain.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://membercenter-sdk.cmg.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

Redirect headers

status: 301
content-type: text/html
content-length: 166
server: openresty
location: /jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
cache-control: max-age=1
expires: Mon, 03 Aug 2020 16:43:57 GMT
date: Mon, 03 Aug 2020 16:43:56 GMT
set-cookie: AKA_A2=A; expires=Mon, 03-Aug-2020 17:43:56 GMT; path=/; domain=kiro7.com; secure; HttpOnly
server-timing: cdn-cache; desc=HIT edge; dur=14
link: <https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://www.googletagmanager.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://widgets.media.weather.com>;rel="preconnect",<https://widgets.outbrain.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://membercenter-sdk.cmg.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 146ms
89ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
status: 200
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 115ms
58ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 15 KB
15 KB 158ms
102ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
last-modified: Mon, 23 Jul 2018 17:07:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: "8d9ab84bfe87a3f77112a6698cf639fb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14888

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 86ms
32ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 38ms
25ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 16:35:16 GMT
server: ESF
date: Mon, 03 Aug 2020 16:43:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Aug 2020 16:43:56 GMT

GET
H2 200 cmg-framework0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 32 KB
6 KB 39ms
37ms Stylesheet
text/css 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-framework0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ba32167271cdd7a75ece23cd323645dd"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-amz-request-id: 9WFJ2T0PCX0PCW8J
x-amz-id-2: bZJlFXJ31+pcJ9NhJW1jsnKSrOqY152n8yNDjWDPUR2+eDst4v0FKytDHeIeTxWbYivKNShgbPM=
accept-ranges: bytes
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:31:33 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:56 GMT
vary: Accept-Encoding
x-amz-version-id: yzHmsAdpfv1z1xUKz7cgSpcHGs12qbfs
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6086
content-type: text/css; charset=utf-8
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H2 200 cmg-features0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 35 KB
5 KB 44ms
43ms Stylesheet
text/css 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-features0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "5503d7fbb19c29fb8994d8644b693d60"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-amz-request-id: 38032BC44E9B7E92
x-amz-id-2: C8Rw7HAymAI5AmbfE6ScgTfxZTE/uZeobJW3BOYDW0Zbn/k6rQ+ZK2QKvQVJpL6GYIIR5hPc/GY=
accept-ranges: bytes
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:18:51 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:56 GMT
vary: Accept-Encoding
x-amz-version-id: msjWCi19VtaJKIQbimxUXkEWXHx5XOOX
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4698
content-type: text/css; charset=utf-8
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H2 200 cmg-services0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 0
482 B 50ms
48ms Stylesheet
text/css 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-services0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iCE1gr9HaYWV49S6h2B.YhExj.D1.Wc1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 6CC6F4E5A39735A2
status: 200
date: Mon, 03 Aug 2020 16:43:56 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 0
x-amz-id-2: u6GLHQbIYhz0pVGwr7FyrM8LHwHXsqeED7hwhp5/tiWqksw4qmo12Nl38e1cU//4tuWuckMSSUA=
arc-version: 95
last-modified: Fri, 17 Jul 2020 21:11:52 GMT
server: openresty
x-edgeconnect-cache-status: 1
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
accept-ranges: bytes
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H2 200 main.min.js Show response
membercenter-sdk.cmg.com/sdk/ 3 MB
475 KB 49ms
10ms Script
application/javascript 2600:9000:214f:b600:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:b600:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbdd20706135f61957fc52135a64586fa2a836d06f9fbba78f973c7ba96b5fba

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:14 GMT
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 18:50:46 GMT
server: AmazonS3
age: 43
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: vQl10Z_76rPXZgkc8e4cKBXc8UlR6oHNkyKDEylNhbwazgrbeMJ6gA==
via: 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront)

GET
H2 200 js-cookie-2.2.1.min.js Show response
www.kiro7.com/pb/resources/scripts/ 2 KB
1 KB 54ms
53ms Script
application/javascript 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/js-cookie-2.2.1.min.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "bdb32"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 965
arc-version: __default__
last-modified: Thu, 09 Jul 2020 17:25:11 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:56 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H2 200 prebid2.41.0.js Show response
www.kiro7.com/pb/resources/scripts/ 170 KB
47 KB 39ms
38ms Script
application/javascript 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ea0ae"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 47271
arc-version: __default__
last-modified: Wed, 08 Jul 2020 22:39:49 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:56 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 108ms
56ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:31:09 GMT
content-encoding: gzip
server: Server
age: 767
etag: b586b236f6b3db3c4ca9410451195336
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: KkFq_2N6n7cPMQEVh-re-KJd6GOTf88JGFxnXFcsZE_Byau_wJ9kxg==
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)

GET
H2 200 84612eb819.js Show response
www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/ 13 KB
4 KB 60ms
59ms Script
application/javascript 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "d8dc7"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 3907
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:36:56 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:56 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 16:43:56 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 327 KB
96 KB 124ms
59ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 64174c77b5a80870cf978e69f024e86c45f235a3f59c7041010074031b9fe2fb

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:56 GMT
Content-Encoding: gzip
x-amz-request-id: B63996ABC76C38B7
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: D2IDsa9Cf//vX76/gCPoLxMoj4dJ1NmIf+3PWeHf9g+le2Z0kukBig5TvWOooqBJEbfCWBazI4E=
Last-Modified: Thu, 30 Jul 2020 00:22:46 GMT
Server: AmazonS3
ETag: "089c54e1b3f2bf79c74b9194c7697ea2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 DF7LUBGFVANPTYKOOV6SRGBSCM.jpg
www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 44 KB
44 KB 51ms
50ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/DF7LUBGFVANPTYKOOV6SRGBSCM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
last-modified: Thu, 30 Jul 2020 13:17:00 GMT
server: Akamai Image Manager
etag: "c13db246989ffae6ef261bf8f6001a7bcb14283f"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31178132
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 45156
expires: Fri, 30 Jul 2021 13:19:28 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
50 KB 29ms
14ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

921dc7697fdde21fbeb8b1d305a491f670af0883df8d8fb10f76dd151f1e195a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50222
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 16:14:28 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Aug 2020 16:43:56 GMT

GET
H2 200 NSOXY2MHWVBYJO3XKCR3WCEJWQ.jpg
www.kiro7.com/resizer/mbY1xNp4bXiwlA1GUrgbENIEomc=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 1 KB
2 KB 42ms
39ms Image
image/jpeg 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/mbY1xNp4bXiwlA1GUrgbENIEomc=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/NSOXY2MHWVBYJO3XKCR3WCEJWQ.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

7503420f025be01af76aa693b684595b1259f2551125f17259f16d3130fc268c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "58aae92c0a5d70c80df1f567b1280088ba878a1e"
content-type: image/jpeg
status: 200
cache-control: private, max-age=549
date: Mon, 03 Aug 2020 16:43:57 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1234
expires: Mon, 03 Aug 2020 16:53:06 GMT

GET
H2 200 UDF65SSESRBV3HUCAWXLMJWX6I.jpg
www.kiro7.com/resizer/w43oH7HJR6eye73W-Pb6asNYYTM=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 1 KB
1 KB 52ms
49ms Image
image/jpeg 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/w43oH7HJR6eye73W-Pb6asNYYTM=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/UDF65SSESRBV3HUCAWXLMJWX6I.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

2cd7ad5d864759e260673f64f07a2d8f5567a65c9fcd892708931f3fc86d2212

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "0264519252c5ab35edad9d9794b8683523d22a11"
content-type: image/jpeg
status: 200
cache-control: private, max-age=781
date: Mon, 03 Aug 2020 16:43:57 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1179
expires: Mon, 03 Aug 2020 16:56:58 GMT

GET
H2 200 4L7PX4MY2JCKHJLFLZWMSFKZPM.jpg
www.kiro7.com/resizer/LgcNO7ijrVaWiYZbKgb81UJYgfs=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 200 B
523 B 61ms
58ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/LgcNO7ijrVaWiYZbKgb81UJYgfs=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/4L7PX4MY2JCKHJLFLZWMSFKZPM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b8dd969db14964f46b631f0ba1459c57fc0f8422206a8a0c366950308b32dbcf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "60544dcded9675cdea9e42d0b84631693f8d7df5"
x-serial: 1201
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31533760
last-modified: Mon, 03 Aug 2020 16:06:24 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 200
expires: Tue, 03 Aug 2021 16:06:37 GMT

GET
H2 200 t_7f96ba098cb9400aa4e45dad0ee25471_name_7B417BD5094946898C502201ED61A079.jpg
www.kiro7.com/resizer/692LXtf4mgoNa-AFz1GGXAJljqU=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 695 B
1 KB 70ms
67ms Image
image/jpeg 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/692LXtf4mgoNa-AFz1GGXAJljqU=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_7f96ba098cb9400aa4e45dad0ee25471_name_7B417BD5094946898C502201ED61A079.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

0fa854ada74938dcb0997979bc25880d48219922ea67a0c27166ef8d21b31c62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "d5d0e90555e098e8e5bc06b5e9568f1953bfd756"
content-type: image/jpeg
status: 200
cache-control: private, max-age=296
date: Mon, 03 Aug 2020 16:43:57 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-akamai-note: original-image
content-length: 695
expires: Mon, 03 Aug 2020 16:48:53 GMT

GET
H2 200 6Y2EQN65YFFSHGDM5YEKHXVLZ4.jpg
www.kiro7.com/resizer/JSiWDL3vfgsjUgUBDVd8TvUORPk=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 790 B
1 KB 77ms
74ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/JSiWDL3vfgsjUgUBDVd8TvUORPk=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/6Y2EQN65YFFSHGDM5YEKHXVLZ4.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

34719aea4e443860422169ebf51a057ef51c19942ed3d5adb65154d3659200bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "4930a272a1d14177ff9988328f17c7e92fc1ca0b"
x-serial: 1056
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31529076
last-modified: Mon, 03 Aug 2020 14:48:01 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 790
expires: Tue, 03 Aug 2021 14:48:33 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 140 KB
47 KB 97ms
33ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b7c75ced414597a228d7dcb267cc769ce75fed381b3b6eda6b6397eec4052f13

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
last-modified: Thu, 30 Jul 2020 11:49:39 GMT
status: 200
etag: W/"231e2-929MIpk5DXzowNgBR+1d0WJIa4c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 47978
expires: Mon, 03 Aug 2020 20:43:57 GMT

GET
H2 200 wxwidget.loader.js Show response
widgets.media.weather.com/ 480 KB
115 KB 32ms
8ms Script
text/javascript 2a02:26f0:6c00:196::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:196::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
etag: W/"781b9-UhHZMltauYQzxZEqvWoggWokm/c"
server: nginx/1.16.1
status: 200
x-powered-by: Express
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=45678
date: Mon, 03 Aug 2020 16:43:57 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 116774
expires: Tue, 04 Aug 2020 05:25:15 GMT

GET
H2 200 render.js Show response
www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/ 5 KB
1 KB 84ms
82ms Script
application/javascript 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/render.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "3523a"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 1048
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:25:17 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 16:43:57 GMT

GET
H2 200 cmg-index0b08a005255398cce0d2.js Show response
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 379 KB
77 KB 91ms
89ms Script
application/javascript 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "26525"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 78502
arc-version: __default__
last-modified: Tue, 21 Jul 2020 20:23:44 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 16:43:57 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 84ms
29ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 08:01:29 GMT
content-encoding: gzip
vary: Origin
age: 31348
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 3095e870e1a1a1b03178e40ab1872de5.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: EGBjjxV4QMwBuosjoRVr5RC3_vIkuMoU1-VBb2JV2_3zzmrApVe4sA==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
17 KB 61ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb3e58fd048eed36978e4549137819e9d959f9e98cf17db21f11ae63caa3704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "590 / 374 of 1000 / last-modified: 1596471782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16581
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 646ms
268ms Script
text/javascript 52.9.74.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.74.36 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-74-36.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: e184588224db3f76eff3655c775cede9016efddcf00551aa2834b5ef02f49eb5

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 699
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/cox-network/ 500 KB
55 KB 83ms
30ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: obaker.88.1.2-10.243 /
Resource Hash: d8e3bef1f24aaf618f20d0c3415c7a7432b51d8545e78c3df1260c1015e2661d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: j7Rxc4o7gjgHoy6vw9GmLakYSUmT5fpj
content-encoding: gzip
etag: "e9f2810d074d9caf873894b75372cb4220da08a7"
age: 3660
x-cache: HIT
status: 200
content-length: 56218
x-amz-id-2: f9VRtlpPgtI3hdoXfzg+9T6lkqb9adETD8l/ynFcLChaXKTUPwd5lmd9VJmCqRDp3n1L6q96xT0=
x-served-by: cache-hhn4080-HHN
x-from-cache: 1
access-control-allow-origin: *
last-modified: Mon, 03 Aug 2020 13:40:07 UTC
server: obaker.88.1.2-10.243
x-timer: S1596473037.046928,VS0,VE1
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding, Accept-Encoding
x-amz-request-id: 1CE69658DBE272C0
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 4
x-cache-hits: 1

GET
H2 200 2ARQK-4FEY5-2C44D-9TAQS-ZHZL7 Show response
s.go-mpulse.net/boomerang/ Frame E565 202 KB
51 KB 26ms
10ms Script
application/javascript 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:56 GMT
content-encoding: br
last-modified: Mon, 15 Jun 2020 22:23:49 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 kiro-logo.png
www.kiro7.com/pb/resources/images/cmg_icons/ 4 KB
4 KB 99ms
98ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
last-modified: Tue, 21 Jul 2020 20:12:30 GMT
server: Akamai Image Manager
etag: "6dffb9465cdfff128f115becd11a3113"
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30425292
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4100
expires: Wed, 21 Jul 2021 20:12:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 24ms
12ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Wed, 29 Jul 2020 23:10:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 408792
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 29 Jul 2021 23:10:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 18ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Wed, 29 Jul 2020 22:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 411945
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 29 Jul 2021 22:18:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 19ms
8ms Font
font/woff2 2a00:1450:4001:818::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Thu, 09 Jul 2020 02:32:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2211062
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:32:55 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 616
date: Mon, 03 Aug 2020 16:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 03 Aug 2020 18:33:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 29ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34220
x-xss-protection: 0
pragma: public
x-fb-debug: 0+fL4YZGvahujti/+vzvyPQYGl5N0LPCnFhcViC4XNEbWoP2leaavV9pddAcVBwrVm1Xh/VwXZzaeCMo/t2zEQ==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
12 KB 93ms
37ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11328
x-xss-protection: 0
server: cafe
etag: 4229961699705442162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 36ms
6ms Script
application/x-javascript 2600:9000:2057:ac00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ac00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:58:15 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 00:58:19 GMT
server: nginx
age: 6342
etag: W/"5ea239ab-11347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: rDkqB97flGIC-W3LWXCvv38udNJeyf8GTbYTkQjzNx_rAKp45C6USQ==
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
expires: Mon, 03 Aug 2020 16:58:15 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 37ms
7ms Script
application/x-javascript 2600:9000:2057:ac00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:ac00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 15:01:57 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 6120
etag: W/"5d53676c-4a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: azogI-FRaX5fiqgYBoDNVR6sE3lxDG3LT3qud74y9AhKY8M7jIH6fA==
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
expires: Mon, 03 Aug 2020 17:01:57 GMT

GET
H2 200 lightbox_cox.js Show response
www.lightboxcdn.com/static/ 1 KB
1 KB 46ms
15ms Script
text/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56ce6a9217ef5d350cbff4f936b54330265c12481627a604b20567e5fc7ca2e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Aps0dZUf+zH8VCPP3Ccpcg==
age: 240508
cf-polished: origSize=1761
status: 200
last-modified: Fri, 08 May 2020 21:48:15 GMT
cf-request-id: 0456ce69780000073ea7169200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: 3a96601f-c01e-0012-0482-2561dd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd180225ca5073e-FRA
expires: Tue, 03 Aug 2021 16:43:57 GMT

GET
H/1.1 200
OK c=E5NS_f=site_si=1407 Show response
pr.realvu.net/flip/2/ 24 KB
10 KB 430ms
129ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=21600
Connection: keep-alive
Content-Length: 9960
X-Proxy-Cache: BYPASS

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unempl...
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemp...

0
528 B

36ms
32ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596473037142&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
829 B 29ms
15ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
829 B 31ms
17ms Script
application/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020073001.js Show response
securepubads.g.doubleclick.net/gpt/ 257 KB
91 KB 117ms
62ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 13:10:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92315
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 / Show response
member-center-api.cmg.com/api/v1/configs/ 71 KB
11 KB 583ms
582ms Fetch
application/json 2600:9000:214f:1e00:16:b34:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://member-center-api.cmg.com/api/v1/configs/?station=kiro-tv
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1e00:16:b34:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 558927ad5d1d06e0802f36ca4ab513a74d6cc3cf03187dc6ec163327f21c6919

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: Ac36ZEKNDB4pjb2SXGbsI8X2LuWyyJz347mAWfJk

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront), 1.1 e0064d0a2437e206ed082e1fa1cdae61.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2, FRA53-C1
status: 200
x-amzn-requestid: c638554e-98a9-4be7-9b40-ed86e620dbb5
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-5f283ecd-5aa12d51c783bbea7285f90d;Sampled=0
x-cache: Miss from cloudfront
content-encoding: gzip
x-amz-apigw-id: Qs7ALHbnoAMFkbA=
x-amz-cf-id: X2gTAlILGmtptzKrkAOtPlVDAefG79OXykIx7IyTGX7Met94bI_LTQ==

GET
H2 200 load.js Show response
widget.perfectmarket.com/cox-network/ 4 KB
2 KB 233ms
182ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IZ8OTIoenzcg.cleqFwBPbWlbDW1hgyb
content-encoding: gzip
etag: "8e2dc1f5b2d46f4b95f576b6989d0a3a"
age: 161
x-cache: HIT, MISS
status: 200
content-length: 1384
x-amz-id-2: mGFEmEkf4Z2NlYAKtx1qtrkW6YqxSTIozF1FlaCVz0NBthY8GAusgACb8h8GC8bSv1wpaMIBYyY=
x-served-by: cache-lax8641-LAX, cache-fra19139-FRA
last-modified: Wed, 18 Mar 2020 08:48:23 GMT
server: AmazonS3
x-timer: S1596473037.322669,VS0,VE152
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding,,
x-amz-request-id: 34C7F03FFD16BC00
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 0

GET
H2 200 impl.20200530-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 446 KB
126 KB 27ms
26ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90b4e75447421dd257aa7717c257c6ad2ebaf1344b126daba025464f37eb5587

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qxE2o7j8pllWXJVkb4BVAOAvDbxQBnMa
content-encoding: gzip
etag: "e056c7bc9ee1c3aa0360ff6568409237"
age: 21
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 128888
x-amz-id-2: 44c30C84fodawNi1D+wLEhnpMABCVy2R7jtO7B4oQ6HfYdXb+I2L3KGuRWp4rSP5MnJCb8eORTo=
x-served-by: cache-hhn4080-HHN
last-modified: Sun, 31 May 2020 08:40:22 GMT
server: AmazonS3
x-timer: S1596473037.270557,VS0,VE0
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
x-amz-request-id: BA454FEE93506CFB
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 18
x-cache-hits: 6

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 91ms
32ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 04 Aug 2020 16:43:57 GMT

GET
H2 200 tr5
cdn.taboola.com/libtrc/ 3 B
78 B 47ms
46ms Image
text/html 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=dsbl-ccpa-2_ctrl
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1596473037.270676,VS0,VE0
x-served-by: cache-hhn4080-HHN
x-cache: HIT
content-type: text/html
status: 200
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK d3d3Lmtpcm83LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
419 B 99ms
32ms XHR
application/json 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmtpcm83LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=39511
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Tue, 04 Aug 2020 03:42:28 GMT

GET
H2 200 / Show response
www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/ 411 B
536 B 42ms
39ms XHR
application/json 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

37c950ed2fef062f761b7b2e4c8d4f230718b3824fe8b2be6cc714b83b55b01b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: openresty
etag: W/"19b-cRxGH0MseZt+l9qDzyd7Ibz/X4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=60
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 265
expires: Mon, 03 Aug 2020 16:44:57 GMT

GET
H2 404 / Show response
www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/ 9 B
253 B 48ms
46ms XHR
text/plain 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
server: openresty
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
content-type: text/plain; charset=utf-8
status: 404
cache-control: max-age=1
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 9
expires: Mon, 03 Aug 2020 16:43:58 GMT

GET
H2 404 feature Show response
www.kiro7.com/pb/api/v2/render/ 71 B
313 B 54ms
53ms XHR
application/json 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/api/v2/render/feature?name=weather-alerts-bar&uri=%2Fkiro-weather-alerts%2F&_website=kiro&contentConfig=%7B%7D&customFields=%7B%7D&wrapper=true

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
arc-version: __default__
server: openresty
status: 404
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=120
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 71
expires: Mon, 03 Aug 2020 16:45:57 GMT

GET
H2 200 NSOXY2MHWVBYJO3XKCR3WCEJWQ.jpg
www.kiro7.com/resizer/LnXoiFMctv0jr0ALMZAyN1hwT8M=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 106 KB
107 KB 63ms
61ms Image
image/jpeg 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/LnXoiFMctv0jr0ALMZAyN1hwT8M=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/NSOXY2MHWVBYJO3XKCR3WCEJWQ.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

29c91e831894114cbf1267410830f80eb32e92ba01eaa0480414b94a04eb534f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "7c0fe06a8807f9aa5a7984cbdfb775fdb1ab883f"
content-type: image/jpeg
status: 200
cache-control: private, max-age=593
date: Mon, 03 Aug 2020 16:43:57 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-akamai-note: original-image
content-length: 108564
expires: Mon, 03 Aug 2020 16:53:50 GMT

GET
H2 200 UDF65SSESRBV3HUCAWXLMJWX6I.jpg
www.kiro7.com/resizer/SOQ8RFzIeKqAspHpekj8EelUHvY=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 63 KB
63 KB 74ms
72ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/SOQ8RFzIeKqAspHpekj8EelUHvY=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/UDF65SSESRBV3HUCAWXLMJWX6I.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8984b550e516ee14f476d8c0e82d2f4f65d4fff8acf5df581f2a57017685ed1e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
last-modified: Mon, 03 Aug 2020 16:25:26 GMT
server: Akamai Image Manager
etag: "030ccb5699533f8116d5414bfd907b4ee197dc4a"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31535035
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 64156
expires: Tue, 03 Aug 2021 16:27:52 GMT

GET
H2 200 4L7PX4MY2JCKHJLFLZWMSFKZPM.jpg
www.kiro7.com/resizer/M_ohn4wWevgVYe5U8I7HC0MWsj8=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 108 KB
109 KB 87ms
85ms Image
image/jpeg 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/M_ohn4wWevgVYe5U8I7HC0MWsj8=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/4L7PX4MY2JCKHJLFLZWMSFKZPM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

0a3f7c98e6aec5059a8ddb49b53cbf700036153e34d646aebcee714eaae3e6d0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "2a6a387753e4f1dba741d8494c4b586750c4b453"
x-serial: 738
content-type: image/jpeg
status: 200
cache-control: private, no-transform, max-age=31533659
last-modified: Mon, 03 Aug 2020 16:06:18 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 110894
expires: Tue, 03 Aug 2021 16:04:56 GMT

GET
H2 200 t_7f96ba098cb9400aa4e45dad0ee25471_name_7B417BD5094946898C502201ED61A079.jpg
www.kiro7.com/resizer/Vlz1xNU-4cYYEvcHG8xJPgg5rac=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 55 KB
56 KB 95ms
94ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/Vlz1xNU-4cYYEvcHG8xJPgg5rac=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_7f96ba098cb9400aa4e45dad0ee25471_name_7B417BD5094946898C502201ED61A079.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3f97abe7bd4941d63d3773754603e83c3988c9d89d333cd3742bfa9ba63de133

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
last-modified: Mon, 03 Aug 2020 16:11:14 GMT
server: Akamai Image Manager
etag: "b5a709888141464d4a962fa7966c52e7ca909985"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31534034
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 56452
expires: Tue, 03 Aug 2021 16:11:11 GMT

GET
H2 200 6Y2EQN65YFFSHGDM5YEKHXVLZ4.jpg
www.kiro7.com/resizer/Km3gDt4lRGF8Iks6qkAZb5O_R8Y=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 42 KB
42 KB 106ms
105ms Image
image/webp 2.16.187.51
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/Km3gDt4lRGF8Iks6qkAZb5O_R8Y=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/6Y2EQN65YFFSHGDM5YEKHXVLZ4.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-51.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ea5b566c75154c9714bf3ee063881cf5e74b40daea30152eda0c9ac2df341e16

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
last-modified: Mon, 03 Aug 2020 15:15:27 GMT
server: Akamai Image Manager
etag: "4a97e00e3c6317f53f4dfca2f83d7b6b65cec1f3"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31530734
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 42524
expires: Tue, 03 Aug 2021 15:16:11 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=494244444&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washin...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_gid=892080592.1596473037&gjid=1595793165&_v=j83&z=100947741
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741&slf_rd=1&random=3459656024

42 B
106 B

40ms
37ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741&slf_rd=1&random=3459656024

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=105589155.1596473037&jid=1150563544&_v=j83&z=100947741&slf_rd=1&random=3459656024
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 43 KB
11 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.22

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10760
x-xss-protection: 0
pragma: public
x-fb-debug: m5TIg32HTwFnl+VOvZB3EPc3d/0fCko6/Bl/4LkdGnindul1r+/yZjtDs22zalT0yrFS9s14zFBs1nTlimgXzg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 281660582191764 Show response
connect.facebook.net/signals/config/ 523 KB
132 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/281660582191764?v=2.9.22&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f764ec8a7f6f38ab5fe952f51ed580321c0af7c46edf61562b6616b0df79b4b

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 134940
x-xss-protection: 0
pragma: public
x-fb-debug: chGbhU6nX4YHhfcdTw2j2Jv7Q0i4nLZbxwS3JBjcrWhjooneVhTZKIUZlUyhuF2DmZP/R78mcBCVHNcg1851fA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 326 B
322 B 28ms
27ms Script
application/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1596473037335
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 263454
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5bd180235f91073e-FRA
cf-request-id: 0456ce6a190000073ea716e200000001

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/767680447/ 2 KB
1 KB 37ms
35ms Script
text/javascript 172.217.21.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/767680447/?random=1596473037341&cv=9&fst=1596473037341&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f2.1e100.net

Software

cafe /

Resource Hash

e07293cc219bd9c25192a1f4a8010774d5408927cea0e7bbc6e945b75b503f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1266
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/ 2 KB
2 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1596473037344&cv=9&fst=1596473037344&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f1672ee2cb2be33db34383566920c4f2ceb6a1daed75a5d955e47136cecc6f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 372ms
123ms Image
image/gif 54.85.197.32
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=fnPRKDfxTuFCN5M98&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3842&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=1118&t=CdWE7-CFCGYGCq8BGsCCLEQ7CWr3ld&V=120&i=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&tz=-120&sn=1&sv=DRSkozDRcPkyfUYQXBOg2xhDzLbA1&sd=3&im=067b2ffa&_
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.85.197.32 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-85-197-32.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 json Show response
trc.taboola.com/cox-kiro-tv/trc/3/ 29 KB
10 KB 511ms
510ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/trc/3/json?tim=18%3A43%3A57.459&lti=dsbl-ccpa-2_ctrl&data=%7B%22id%22%3A146%2C%22ii%22%3A%22%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22it%22%3A%22text%22%2C%22sd%22%3A%22v2_0e9d52859eb21f3c0b84f79a2d427e86_65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6_1596472918_1596472957_CNawjgYQ4ZA-GLe10Km7LiACKAEwKziy0A1AuogQSPDb2QNQ____________AVgAYABo4qaqkbKtl-Jw%22%2C%22ui%22%3A%2265fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6%22%2C%22uifp%22%3Anull%2C%22vi%22%3A1596473037449%2C%22cv%22%3A%2220200530-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22pev%22%3A3017%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3842%2C%22nsid%22%3A%22cox-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-e%3Apub%3Dcox-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22cd%22%3A3431.515625%2C%22mw%22%3A1280%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22dsbl-ccpa-2_ctrl%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 06c9511509b3989aae791a0938c44c411473725e2c014870dd68ce58d40d1631

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 484
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4080-HHN
server: nginx
x-timer: S1596473037.478857,VS0,VE484
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 436ms
109ms XHR
application/json 64.202.112.191
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1596473037478&sessionId=b2dced67-8647-0d68-e796-e679d7841b03&url=www.kiro7.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 314b299686a6c6f7f8c2115fbaba05c2
Content-Length: 4
Expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 256 B
513 B 27ms
7ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kiro7.com&domain=kiro7.com&path=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
age: 198
x-cache: HIT
status: 200
x-cache-hits: 1
content-length: 192
x-served-by: cache-hhn4080-HHN
access-control-allow-origin: *
x-timer: S1596473038.507250,VS0,VE1
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 01 Aug 2020 16:40:39 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
986 B 160ms
96ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220808&v=7.2&r=%7B%22id%22%3A%2210cdca272b1e3e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%222ae51055574355%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220808%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 74c7c5d32d77cec7aaa1501ce9e6506dc481c06b6f8ccc68e632a2f947b8527a

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 03 Aug 2020 16:43:57 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
746 B 155ms
70ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.60:80
AN-X-Request-Uuid: c7ec9fce-555c-4999-a9be-e5a99e4e4129
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 462ms
299ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501256&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=371c1179-cf58-494c-b3db-f2def909861e&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.6855822315191828
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b86eb14fc7751d06dbaba2ef8e02b288f95e4f9d5f73ba3df7697c1af7d6f839

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
360 B 153ms
111ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=371c1179-cf58-494c-b3db-f2def909861e&nocache=1596473037507&aus=970x90%2C728x90%2C728x90%2C320x50&divIds=ad846&auid=539739792&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: 67db1e3e59c2d37ec6ddfd23403e6aedb4c02e864c371db85a4127f679ae1d67

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
502 B 153ms
152ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=iXjs28ce4VHUq&cb=0&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 3cd39cb32bd2edb00a2f3b7d724fd4c7d7f09f4b2e5885bbc86b9b37fb1d96a7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: DTxpuZ0IhiSKLxlqdEjbITaJ4d9A60caBBrtpyK5mHM5DgQEHw4Gog==

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
356 B 144ms
111ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=6a136cfd-551f-4379-9a40-6a24ebf347b8&nocache=1596473037516&aus=300x250%2C300x250%2C300x250&divIds=ad1435&auid=539872219&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: 028827b1c4e320391b5b24f3111fb3305284d93a158056e658133f4753721549

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 164
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 291ms
128ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501270&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=6a136cfd-551f-4379-9a40-6a24ebf347b8&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8560906601214586
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 06cbc115d73b1db210dad2f2e343ca9b5a2017b1a9d042e100f9697c322dce34

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
747 B 144ms
68ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.244:80
AN-X-Request-Uuid: 306c2625-a068-4aca-a7c5-45b79bb80b3c
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 148ms
81ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=260241&v=7.2&r=%7B%22id%22%3A%22157e01c21151a58%22%2C%22imp%22%3A%5B%7B%22id%22%3A%221650f9e84ababfc%22%2C%22ext%22%3A%7B%22siteID%22%3A%22260241%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d9ca68102c5106e95f3e94dd8dd9ed7d06eb0f8c20909447b2d612d53e7a4284

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
501 B 183ms
183ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=iXjs28ce4VHUq&cb=1&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 6c8a38e7a5cf21c2e725e23283a36abf4de52b1e994d37d5a5fbace8d212364e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: w6QnpTbnG5luctuN6b7P4xs7AbSZJi5c7_86sVMlII1YfHSdXBrPaQ==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
747 B 140ms
57ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 724.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.235:80
AN-X-Request-Uuid: 1fe8a8b1-001a-4b65-bbe0-0f8595c7dde5
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
560 B 101ms
75ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=396aed3f-b53f-4da2-9f2f-0e9982be8a8f&nocache=1596473037523&aus=300x250%2C300x250%2C300x250&divIds=ad187&auid=539739793&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: f1f4b59fd2e055cdd63da086456203a17d5ee02e195147f439cba69f7a83d4bd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 142ms
79ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220809&v=7.2&r=%7B%22id%22%3A%222125483c45a6071%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2222080bef975a811%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220809%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5c825d3b5e126104be23ef131bc5eb639bbf1a4b14e596e294cae82781366890

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 342ms
139ms XHR
application/json 213.19.162.21
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501260&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=396aed3f-b53f-4da2-9f2f-0e9982be8a8f&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.814527875505423
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 213.19.162.21 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e25daba47cce6c049e00e6a356e3973cdc9b4b0e3090c6c797b8e05074f3285a

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
502 B 272ms
272ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=iXjs28ce4VHUq&cb=2&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 1ada6cba8fa53b338e731e5e8813a53ed00637c9b6a44ce728e34c46959120b1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
x-amz-cf-id: 2gRAjaSbK-RawwAoFt7d1L2LQPwff8kj1_U1M9XdzKK1IFg-Lh5FgQ==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
856 B 66ms
65ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DWP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596473037&dt=1596473037539&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=147&adks=1508554112&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=60&icsg=261458894863&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1x1&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

3814ba41228b3db597942953bbf8f0686e63ec914a2ebad8b609fb7618854123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 58ms
15ms Other
text/html 2a00:1450:4001:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:816::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 20ms
5ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
6 KB 294ms
293ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP02%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596473037&dt=1596473037553&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=885&adks=4275131618&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=60&icsg=261458894863&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

fa8b64d1fad753621212cf923d9bbb40926778a6e89865de968ef16f3771e3fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5761
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316827124
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 455 B
426 B 280ms
279ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DPX01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596473037&dt=1596473037559&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=1235&adys=1175&adks=1508511219&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=60&icsg=261458894863&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x1&msz=1x1&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

cb5e60718cead03882071e2a1ac65f9c9f33ef46d9b4270ca7f65b720590eada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 257
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washing...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washin...

0
528 B

42ms
40ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596473037570&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 616 KB
122 KB 31ms
29ms Script
application/javascript 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1596473037335
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ClA/mRoTb4aqqHHOFqjo8A==
age: 263089
cf-polished: origSize=1047669
status: 200
last-modified: Fri, 03 Jul 2020 15:22:34 GMT
cf-request-id: 0456ce6b120000073ea7181200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 0421b526-401e-012e-58cf-569353000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd18024ed29073e-FRA
expires: Tue, 03 Aug 2021 16:43:57 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/767680447/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.com/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
https://www.google.de/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...

42 B
107 B

19ms
19ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zT4oX66nFvqL7_UP28-M-Ak&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zmHflzz59NM-70ElLIgBiciOxLu2o_Oasg&random=872104740&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/767680447/?random=1109118593&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=zT4oX66nFvqL7_UP28-M-Ak&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zmHflzz59NM-70ElLIgBiciOxLu2o_Oasg&random=872104740&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/767680447/ 42 B
164 B 22ms
19ms Image
image/gif 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767680447/?random=1596473037344&cv=9&fst=1596470400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=2563053139&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/767680447/ 42 B
539 B 30ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/767680447/?random=1596473037344&cv=9&fst=1596470400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=2563053139&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
378 B 49ms
34ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281660582191764&ev=PageView&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&rl=&if=false&ts=1596473037609&sw=1600&sh=1200&v=2.9.22&r=stable&ec=0&o=30&fbp=fb.1.1596473037608.1215266733&it=1596473037333&coo=false&tm=1&rqm=GET

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 pmk-202002191.24.js Show response
widget.perfectmarket.com/cox-network/ 111 KB
31 KB 41ms
39ms Script
application/javascript 151.101.13.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/pmk-202002191.24.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cox-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ei3mj3MCMsmfeLhxEHizVjAML_x7dBYM
content-encoding: gzip
etag: "7c53f5a4bb6d69f0e058c85d17cbe74e"
age: 11951733
x-cache: HIT, HIT
status: 200
content-length: 30933
x-amz-id-2: 0tXChLZoXOLqzyrlHSKx+d7VFfo9mbexieUmSBxMcRB/Z0meSzHQNYqZGW+g0N42Owyd9u/tNzY=
x-served-by: cache-lax8637-LAX, cache-fra19139-FRA
last-modified: Wed, 18 Mar 2020 08:48:22 GMT
server: AmazonS3
x-timer: S1596473038.642141,VS0,VE0
date: Mon, 03 Aug 2020 16:43:57 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6A7CB9547A1656ED
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 5245, 2

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 190ms
190ms Image
image/gif 52.9.74.36
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=e87ede5e-d438-4f5d-90c4-1dee0f264dd6&ntv_fl=5j6K0SrXS9BkMDZOoNh3cuJnhCEcD23SoBEcEF-LzWz44N8J-Ken1PgqGBxqzsPnZpcDiPFh0gZuc0mkUjNhXE36nXwBUpsZlbUpmZd2wQY=&ntv_ht=zT4oXwA&ntv_at=303,302&ntv_a=AAAAAAAAAA4nkQA&ord=1596473037668&ntv_dpl=1009,1011,1028,1001,1050,1003,1019,1007&ntv_it
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.9.74.36 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-9-74-36.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:57 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame B095
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t

0
0

214ms
213ms

Document
text/html

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A09AguX9KkNHoR3-yrgeQw8|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Server: Server
Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 196
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A09AguX9KkNHoR3-yrgeQw8; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 16:43:58 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 16:43:58 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Set-Cookie: ad-id=A09AguX9KkNHoR3-yrgeQw8|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 16:43:58 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 16ms
15ms Stylesheet
text/css 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637293865540854657
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 263537
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 0456ce6b870000073ea718b200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 7aad5c57-901e-0045-1a4e-518850000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd18025af96073e-FRA
expires: Tue, 03 Aug 2021 16:43:57 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/ 526 B
780 B 654ms
143ms Script
application/javascript 13.89.172.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/z?cb=1596473037713&callback=jQuery17105780508637631054_1596473037695&_=1596473037714
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.6 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ebb95661386e94f5ee60b582d964d9864fef0562603b3b827aed2c16a5352cfd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
281 B 17ms
17ms Image
image/gif 2606:4700::6810:4ea5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1596473037702&h=www.kiro7.com&e=p&u=42629
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:4ea5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 16:43:57 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1021585
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
cf-request-id: 0456ce6b930000073ea718d200000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: ac5326e6-701e-00aa-4564-84832e000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5bd18025bff9073e-FRA
cf-bgj: imgq:85

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame E565 588 B
861 B 253ms
239ms XHR
application/json 2a02:26f0:6c00:181::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2ARQK-4FEY5-2C44D-9TAQS-ZHZL7&d=www.kiro7.com&t=5321577&v=1.632.0&if=&sl=0&si=k5v4mdne3v-qehyh9&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=576087
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:181::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: b351490cd05f959f00f76dbf0ad6576b1a413a19dd0ed20b6630ac2932381adb

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Aug 2020 16:43:58 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 588
Content-Type: application/json

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
223 B 373ms
372ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP04%26position%3D%255Bobject%2520Object%255D%26breakpoint%3D992px%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3Dce2205245b809a09%3AT%3D1596473037%3AS%3DALNI_Mar7cs0z_Yno4rZoOETb939tcG2Dw&bc=31&abxe=1&lmt=1596473037&dt=1596473037814&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=430&adys=1153&adks=4275152065&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=65&icsg=1045835579407&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

5402c68a3d6c370f965523f37326cc6472a5645db502b794b099ef525887d73f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame D751 86 KB
29 KB 90ms
26ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5f150d0d3fb38f9df3cfab7a435bd79a8e518b6806af856c2481069f4b97a3

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Age: 2865
X-Cache: HIT
Connection: keep-alive
Content-Length: 28895
x-amz-id-2: JV9He8Hf24slJikkkGPw2IYt7JsMWU5q/56TXX21VWZlTjdxRccM/b+BoaSlb45cDUtB7qEHLcQ=
X-Served-By: cache-fra19140-FRA
Last-Modified: Mon, 03 Aug 2020 15:54:21 GMT
Server: AmazonS3
X-Timer: S1596473038.943224,VS0,VE0
ETag: "8ea852dca932197e501c5887486ca752"
Vary: Accept-Encoding
x-amz-request-id: 81E9F1D4EF73E4CB
Via: 1.1 varnish
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 25

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D751 0
0 65ms
63ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssYqrd7y1EyOnOtFROt2MhjOM4lNM_FH0bWcu9E-zgdjyUYjiUkEoWkBjazXm7zMJCC7IjmUfYcBALN_TgJxR9smuIhqsq1FndzG58B8Gi2gxKrNPe0KgT3aVN-gmVWoZd3_dbf6_pkq1TPkXIVMuW0GYHs6SAXAImZMxj4jwnBh-ylgC5_t2c0nUjiE1p0-IsK07-VCsgi7fKrRDaM9fea8MHxe3-vhNgE4o1snSZkWlgWzGGGM-VoRTHkTYzG8WGmMDANdRJ9H4NmRW--2nkwLQAJr9tahVrcj3hU7hbKaSA&sig=Cg0ArKJSzDKbFZ3pc0GjEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame D751 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D751 73 KB
28 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D751 0
0 15ms
14ms Image
text/html 2a00:1450:4001:817::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPdQpV-EZKtL0kBxb6TNYbiYUTZn0c-fLyKvFF3RV3FeFPou1Fqec709aOHdZUQVzdEatkj6FO-hRBdzms11aLCxoTBg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 6689646930131180015
tpc.googlesyndication.com/simgad/ Frame D751 70 KB
71 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6689646930131180015

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 00:23:50 GMT
x-content-type-options: nosniff
age: 1009207
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72094
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jul 2021 00:23:50 GMT

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
893 B 131ms
130ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:57 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 601
X-Proxy-Cache: BYPASS

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27106
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:57 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
219 B 524ms
524ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&prev_scp=ad_slot%3DRP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D04ca9d020d8eb830%3AT%3D1596473037%3AS%3DALNI_Ma3-ya2CY_0L-eee4UKdkYHgzkg9w&bc=31&abxe=1&lmt=1596473037&dt=1596473037873&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=193&adks=2386064162&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=1045835579407&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8WsxbTAR0h01Kv_kcJzROiJAL5t3cnmJdRH2N2CgLKgB1rZhoM5nmCqdyjCcLDMM2NMFwt5P_TiqQn2xl118INJRM4KhIn%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e61fd35d987ab2f9b808a6b2e91a62ddc13cc91d5fe317200efdefba070bd731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 148
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D751 0
54 B 64ms
64ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv7ePFP4JfMgqvWI3heD1-PWFRTlxd07YqcLizTKXn53QoLCfrKqqVz_4j5YX0fE4MkzeHQ3YuPS5eFJqRLvK6T1YwIWysZklV_3HcTDks7PMK9sE9oDe2-pq_dQBxNRos3y9V2vedXdUMYoud2nCfFqviyjer2cKtiCywIEgROstjZiu6Vz-lBtevxBPNvWBqq_AJuQBT3CyXQeYP7I9GpYOAe4Iwy7pVw1WylmPX4ciYNKBE4BjJ-WK_CwUMB9OyuzOZJbTGq396IuMRXy50h6FPci1_sw9gKY0yb_gmQzFfkaw&sig=Cg0ArKJSzOemN7EJ4x61EAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:57 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D751 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd4a7bf97c5381abba0b3090730d0239544a981c3def814338199edc50487e72

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
6 KB 602ms
602ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=327709670132435&correlator=1793761991616186&output=ldjh&impl=fifs&adsid=NT&eid=44723444&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&prev_scp=ad_slot%3DHP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D26%26temp_range%3D65%2520to%252069%26sky%3DCloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D04ca9d020d8eb830%3AT%3D1596473037%3AS%3DALNI_Ma3-ya2CY_0L-eee4UKdkYHgzkg9w&bc=31&abxe=1&lmt=1596473037&dt=1596473037973&dlt=1596473036673&idt=816&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=107&adks=900421243&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=1045835579407&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x114&msz=970x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H8WsxbTAR0h01Kv_kcJzROiJAL5t3cnmJdRH2N2CgLKgB1rZhoM5nmCqdyjCcLDMM2NMFwt5P_TiqQn2xl118INJRM4KhIn%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=105589155.1596473037&ga_sid=1596473038&ga_hid=494244444&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d6a1b84dee6b0f3b440b15122326acb38762f7b8f8024e359ce56abe5f0e626f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5548
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316432290
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tb Show response
15.taboola.com/ 32 KB
11 KB 53ms
51ms Script
text/html 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=cox-kiro-tv&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%20-March%202017&uuip=Feed%20-%20Below%20Article%20Thumbnails%20-March%202017&cisrf=&cirf=https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&encoded=1&uid=65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6&variant=-100|4302&callback=TRC.videoTagCallbacks.videoCallback1&cb=1596473037982&tagid=&cntry=CH&platform=1&normp={NORM_PLATFORM}&sesid=0e9d52859eb21f3c0b84f79a2d427e86&itemid=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&viewid=1596473037449&geolat=&geoing=&deviceifa=&appid=&sd=v2_0e9d52859eb21f3c0b84f79a2d427e86_65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6_1596472918_1596473037_CNawjgYQ4ZA-GIml1am7LiADKAEwKziy0A1AuogQSPDb2QNQ____________AVgAYABo4qaqkbKtl-Jw&ri=b8e12d9dab02c6fcd8df2f27edc7f644&appname=&cdb=&gdprApplies=&rid=&sii=-4312527434450252827&oee=true&tpubid=1017953&uis=2&fagg=1&ccpaDns={CCPA_DNS}&ccpaPrivacy={CCPA_PRIVACY}&region={REGION}
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c456d8ce088ba1a571f4d7db9c44cb8b25aaa9e30487be1afac06af0c4d9f78

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
content-encoding: gzip
machineid: 1449
x-cache: MISS
status: 200
x-cache-hits: 0
x-served-by: cache-hhn4080-HHN
pragma: no-cache
server: nginx
x-timer: S1596473038.006162,VS0,VE21
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 feed-card-placeholder.20200530-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 31ms
31ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20200530-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d45ada5c1a6c27d3c3b6d023ded26e6ff16b25659d49c9396248072378b29920

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Xuyp0PbdtK8bmrqF8eM1p5CIL4lwLlUy
content-encoding: gzip
etag: "3b17fc71985e0b2b4889c246487671fd"
age: 25
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1268
x-amz-id-2: wNZ70YGj1l5rOKJrnFuR3w9gX6Y1z3eAXTpBhsVs8lcU8u/7qQvgEbmmLZH1NiEdessK+CON+3A=
x-served-by: cache-hhn4080-HHN
last-modified: Sun, 31 May 2020 08:40:40 GMT
server: AmazonS3
x-timer: S1596473038.006147,VS0,VE0
date: Mon, 03 Aug 2020 16:43:58 GMT
vary: Accept-Encoding
x-amz-request-id: AS3VEQ9P8K1MFM5J
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 96
x-cache-hits: 4

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 28ms
27ms Image
image/svg+xml 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 82
via: 1.1 varnish
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: CNfaJbSeIUTY6623cAxcVGj457HVOdA+qlteHyo5COUXi/FcGzAcO9znnLfpAYvQh4b31ONN8uA=
x-served-by: cache-hhn4080-HHN
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1596473038.006108,VS0,VE0
date: Mon, 03 Aug 2020 16:43:58 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 6626B3AB6BC2A9CD
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 96
x-cache-hits: 337

GET
H2 200 userx.20200530-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 27ms
27ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200530-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4330f13f7ef56eb8e9a7d96f3875958184b028bc0b4e018a9197bdddbc406f1e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: RKz7Uvt8d12K2mLPgfi0e.kIgUAHlWCd
content-encoding: gzip
etag: "d13007725b70903c2c7b1574efe5062d"
age: 31
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7711
x-amz-id-2: pg8fRwB81r5Yx9q4BBKuy6986ySg+JBl41a+Mus+X6DV9B+0/M+2hdAL0BdoGqO8GnD5wMe0gKA=
x-served-by: cache-hhn4080-HHN
last-modified: Sun, 31 May 2020 08:40:29 GMT
server: AmazonS3
x-timer: S1596473038.016449,VS0,VE1
date: Mon, 03 Aug 2020 16:43:58 GMT
vary: Accept-Encoding
x-amz-request-id: 02E4DD645B5503F4
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 96
x-cache-hits: 1

GET
H2 204 social
trc.taboola.com/cox-kiro-tv/log/3/ 0
343 B 39ms
39ms Image
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/social?route=AM:AM:V&lti=dsbl-ccpa-2_ctrl&ri=b8e12d9dab02c6fcd8df2f27edc7f644&sd=v2_0e9d52859eb21f3c0b84f79a2d427e86_65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6_1596472918_1596473037_CNawjgYQ4ZA-GIml1am7LiADKAEwKziy0A1AuogQSPDb2QNQ____________AVgAYABo4qaqkbKtl-Jw&ui=65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6&pi=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&wi=-4312527434450252827&pt=text&vi=1596473037449&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Fcmg%2FDF7LUBGFVANPTYKOOV6SRGBSCM.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A43%3A58.049&id=8128&llvl=1&cv=20200530-2-RELEASE&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4080-HHN
pragma: no-cache
server: nginx
x-timer: S1596473038.069950,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 Vk_ballista_b_B61455_600x500_No%2520OS_English%26IMG%3D1BF3.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/10/ 36 KB
37 KB 80ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/10/Vk_ballista_b_B61455_600x500_No%2520OS_English%26IMG%3D1BF3.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 2e287ecbec5763b582bf2fc5edfb9061d703fe11ee257defecb25868af9be1c1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1161651
edge-cache-tag: 486964190763993790079607802432425974845,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 27 Apr 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/10/Vk_ballista_b_B61455_600x500_No%2520OS_English%26IMG%3D1BF3.jpg
content-length: 37192
x-served-by: cache-dca17731-DCA, cache-dca17732-DCA, cache-fra19128-FRA
last-modified: Fri, 27 Mar 2020 13:21:43 GMT
server: cloudinary
x-timer: S1596473038.126832,VS0,VE0
etag: "36ea9d2e24182136315679b3f8785f44"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6

GET
H2 200 6e2051ea622795551a62636cb64d9a06.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 54 KB
54 KB 133ms
83ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e2051ea622795551a62636cb64d9a06.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c254efeb85c50d89e39b1aea1653b1ff6e19f518704636a0cf3d193a36c971c2

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 3178973
edge-cache-tag: 588929379061716387694395386348256173449,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 19 Jul 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6e2051ea622795551a62636cb64d9a06.jpg
content-length: 54962
x-served-by: cache-dca17767-DCA, cache-dca17753-DCA, cache-fra19128-FRA
last-modified: Thu, 18 Jun 2020 05:13:30 GMT
server: cloudinary
x-timer: S1596473038.126879,VS0,VE0
etag: "8769024fe432ee9a433200e0b1a86f7e"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 37

GET
H2 200 0aaf5560c4837bf0ccdfc65ee9dea847.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 57 KB
57 KB 105ms
56ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0aaf5560c4837bf0ccdfc65ee9dea847.jpeg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9e45618e80b10e6c0e0cb67ac3297f5cb09640d01dd4656fd62a577916db0acf

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2202617
edge-cache-tag: 514749410978704298870247441584238254197,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0aaf5560c4837bf0ccdfc65ee9dea847.jpeg
content-length: 58404
x-request-id: f851101e4eb73a51167b9a835ca3149e
x-served-by: cache-dca17747-DCA, cache-dca17727-DCA, cache-fra19128-FRA
last-modified: Tue, 28 Apr 2020 10:53:13 GMT
server: cloudinary
x-timer: S1596473038.127110,VS0,VE0
etag: "c13644bc3aee69447df4d27b2ee7c6c9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame D751 42 B
132 B 656ms
137ms Image
image/gif 3.128.54.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=9936797&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.54.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-54-90.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 16:43:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 Flag_600x500%26IMG%3D10V8.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2017/11/ 45 KB
45 KB 76ms
56ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2017/11/Flag_600x500%26IMG%3D10V8.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: df4a969300009281daa2b171080c6c305cb0f6284783f0c8543699802cb26215

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1868601
edge-cache-tag: 356357565479065212369978644376910973153,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Wed, 05 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2017/11/Flag_600x500%26IMG%3D10V8.png
content-length: 45910
x-served-by: cache-dca17731-DCA, cache-dca17755-DCA, cache-fra19128-FRA
last-modified: Sun, 05 Jul 2020 20:50:41 GMT
server: cloudinary
x-timer: S1596473038.127075,VS0,VE0
etag: "5e1ff03cfd1fe689f59dbd8f7d6721c9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 3

GET
H2 200 de021fd53a2d06a480422fcbd701322d.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 36 KB
37 KB 76ms
57ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de021fd53a2d06a480422fcbd701322d.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1b8c51afc45c1b453c9e415db2b7e20359f347baa62c98c67d18724ce90c7717

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4389181
edge-cache-tag: 475592417097332813435800215643896472212,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 27 Apr 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/de021fd53a2d06a480422fcbd701322d.jpg
content-length: 36800
x-served-by: cache-dca17768-DCA, cache-dca17723-DCA, cache-fra19128-FRA
last-modified: Fri, 27 Mar 2020 08:58:20 GMT
server: cloudinary
x-timer: S1596473038.127299,VS0,VE0
etag: "9ca0518933dfe06e14af5ece00a4db29"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/ 20 KB
21 KB 100ms
84ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d8f1c105623165e8a632ee84c28863aa6ad5b4fb21b5f558ac4acf437a6d5517

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2187231
edge-cache-tag: 621293045940373875098618898656648785884,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 01 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
content-length: 20789
x-served-by: cache-dca17750-DCA, cache-dca17739-DCA, cache-fra19128-FRA
last-modified: Wed, 01 Jul 2020 14:32:29 GMT
server: cloudinary
x-timer: S1596473038.127100,VS0,VE1
etag: "a11af96ce5f5179a1c53c012fa8edf93"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 15888874fdc379817f04dcc793347900.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 70 KB
70 KB 62ms
61ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15888874fdc379817f04dcc793347900.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 77873a17a6d4a69497239d572826ad5520f5d9939be4b05ab573da36effd2b2d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2225306
edge-cache-tag: 555752406956932302020596715822268475275,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/15888874fdc379817f04dcc793347900.jpg
content-length: 71349
x-request-id: f56478eff49978e8ab72a89dc7381f02
x-served-by: cache-dca17733-DCA, cache-dca17777-DCA, cache-fra19128-FRA
last-modified: Tue, 07 Jul 2020 03:57:39 GMT
server: cloudinary
x-timer: S1596473038.171902,VS0,VE0
etag: "eb29fb27c41706bd6335b1fbeafa15fe"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 7

GET
H2 200 5621182aa2da79674ae2e75f7fbbaceb.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 99 KB
100 KB 69ms
67ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5c42415b8134f156226e5be62b863648956e93fb55d652bd30d275208e4c52b1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4735953
edge-cache-tag: 450265650731705506805175281380931797211,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/5621182aa2da79674ae2e75f7fbbaceb.jpg
content-length: 101713
x-request-id: 4c678afbb687e3cc2b46e5ad9990c5c4
x-served-by: cache-dca17744-DCA, cache-dca17736-DCA, cache-fra19128-FRA
last-modified: Tue, 09 Jun 2020 14:37:57 GMT
server: cloudinary
x-timer: S1596473038.172560,VS0,VE0
etag: "1f22bdc404f0883a8896bce30e540c3c"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 170

GET
H2 200 87416918c6e636f7bac29cda6a694ee0.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 98 KB
99 KB 68ms
67ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87416918c6e636f7bac29cda6a694ee0.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bfa96713a1567680e71bfd0a7ca24382ed92d75626559e1cdf1f1dc2f14a449e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1807540
edge-cache-tag: 436046152319165086094731219289787679628,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 06 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/87416918c6e636f7bac29cda6a694ee0.png
content-length: 100848
x-served-by: cache-dca17758-DCA, cache-dca17763-DCA, cache-fra19128-FRA
last-modified: Mon, 06 Jul 2020 12:18:36 GMT
server: cloudinary
x-timer: S1596473038.172539,VS0,VE0
etag: "73e938cc7bb5e7b6183ccc6ca4eea4d2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6

GET
H2 200 1a416bf3cc54a71f6a62e984ff1f7c47.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
46 KB 68ms
67ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a416bf3cc54a71f6a62e984ff1f7c47.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 855289cc19b5b5cfc67989b144ab2cd4639e16f76b7b99a8be4e7d522dad57d9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 10823
edge-cache-tag: 554759843170917150851805472516938174532,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1a416bf3cc54a71f6a62e984ff1f7c47.jpg
content-length: 47112
x-request-id: 038505d2a588d99a4ca7cdb246994441
x-served-by: cache-dca17769-DCA, cache-dca17740-DCA, cache-fra19128-FRA
last-modified: Mon, 03 Aug 2020 13:35:42 GMT
server: cloudinary
x-timer: S1596473038.172488,VS0,VE0
etag: "2da26fd71625da397fe198a654da6b69"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 26

GET
H2 200 ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ 17 KB
18 KB 74ms
72ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 745f4b11e491de328e1088fb94e7c5f3e7ee943369af5e3364776de7a87e86f9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2246905
edge-cache-tag: 543613443482621803305007297850702500036,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
content-length: 17594
x-request-id: 6ba2d223a445592bc8dcdb719f96dd32
x-served-by: cache-dca17754-DCA, cache-dca17758-DCA, cache-fra19128-FRA
last-modified: Tue, 23 Jun 2020 16:10:53 GMT
server: cloudinary
x-timer: S1596473038.172459,VS0,VE1
etag: "a092bd2b6b6d82c94af7c5cf3e21dcb7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 622eb67b633ca3e1f01d14a6fdba5a98.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
29 KB 68ms
66ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/622eb67b633ca3e1f01d14a6fdba5a98.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: bcb9d2163cde368a8e75d8bf6a40c5fe20e1c5126884f076540eeef224f6d2f7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 9603
edge-cache-tag: 402718612007106904254082294271808418679,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/622eb67b633ca3e1f01d14a6fdba5a98.jpg
content-length: 29321
x-request-id: fa2c181241e13ad636cc4d8581d6c5c1
x-served-by: cache-dca17731-DCA, cache-dca17757-DCA, cache-fra19128-FRA
last-modified: Mon, 03 Aug 2020 13:35:42 GMT
server: cloudinary
x-timer: S1596473038.172444,VS0,VE0
etag: "052915de3be21b239ae420876e94440b"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 a05bca3ec477ff1317f9e282b6c6b74e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 16 KB
16 KB 74ms
73ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05bca3ec477ff1317f9e282b6c6b74e.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: f7923da913970c6b2813790cfb4952653b8aadbcc74d5700a078b8b1b37c8ddc

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 288929
edge-cache-tag: 376023566597610662212024876261279802473,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 15 May 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05bca3ec477ff1317f9e282b6c6b74e.jpg
content-length: 15957
x-served-by: cache-dca17768-DCA, cache-dca17770-DCA, cache-fra19128-FRA
last-modified: Tue, 14 Apr 2020 17:55:20 GMT
server: cloudinary
x-timer: S1596473038.172386,VS0,VE1
etag: "426523381ef3ec2dd87813f10c96bf94"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1

GET
H2 200 t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.clou... 64 KB
64 KB 73ms
72ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.cloudfront.net/07-24-2020/t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4749f95d6ba82bfeefaf03591643f873461c42ad2e0e973b21ace71c41bbfc81

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 876832
edge-cache-tag: 596482821880013192175916407143236899484,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.cloudfront.net/07-24-2020/t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
content-length: 65334
x-request-id: f0f8bd13f161abf23c970e5e467082b7
x-served-by: cache-dca17727-DCA, cache-dca17740-DCA, cache-fra19128-FRA
last-modified: Fri, 24 Jul 2020 13:10:06 GMT
server: cloudinary
x-timer: S1596473038.172375,VS0,VE1
etag: "c4a73ba7778acbaf9b234583958810b9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/2.1.3/ 88 KB
26 KB 29ms
26ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79cf058fe61429a23dd4fe831fb68769c6bff837fee81b7015a6278622ece51e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront), 1.1 varnish
age: 461753
x-cache: Miss from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 25922
x-served-by: cache-hhn4080-HHN
last-modified: Wed, 29 Jul 2020 08:25:47 GMT
server: AmazonS3
x-timer: S1596473038.154940,VS0,VE0
etag: "87fa3394791a9ba7833f9b770eabf0f0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: VusVSMp0mx9MAUYjX-6_WzEusra6E9ge00-LGtXdQ4S9QsZtDl1tnQ==
x-cache-hits: 73232

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
716 B 28ms
27ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/281660582191764?v=2.9.22&r=stable
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 4303
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: grODyaFUyHwi27S6u2hd746yPHwUf+y1im5Wn93DxT7wozhn8KMFUP712WAAG3eD1t2rnF4k3Bs=
x-served-by: cache-hhn4080-HHN
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1596473038.157030,VS0,VE0
date: Mon, 03 Aug 2020 16:43:58 GMT
x-amz-request-id: 29D722C296265892
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 96
x-cache-hits: 7404

POST
H2 200 /
www.facebook.com/tr/ 0
105 B 6ms
5ms Other
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryQQG2fzicjUrThUeV

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 03 Aug 2020 16:43:58 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=null Show response
pr.realvu.net/flip/2/ 1 KB
889 B 129ms
129ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=null
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 77eff823bfb895038c13cee3cda8bb2535aac178145763f9e21156d7072b18e5

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 597
X-Proxy-Cache: BYPASS

GET
H2 200 hub.html
membercenter-sdk.cmg.com/sdk/ Frame A66A 0
0 9ms
8ms Document
text/html 2600:9000:214f:b600:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/hub.html
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:b600:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: membercenter-sdk.cmg.com
:scheme: https
:path: /sdk/hub.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
content-length: 211
last-modified: Thu, 23 Jul 2020 18:50:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Aug 2020 16:42:01 GMT
etag: "acd60f16e40239bb3c813ef87db325b5"
x-cache: Hit from cloudfront
via: 1.1 7d89b6cf83f15400102bd86c47585040.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 68JvlP1gIO137bdItovogQeAMITM1NJ8oZ5JjExNyvePZZjJfZTdcA==
age: 118

GET
H2 200 sync
am-match.taboola.com/ Frame 44D1 0
0 108ms
37ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=65fc5e01-2434-4519-8bab-b84f7c618bac-tuct621c3d6
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
date: Mon, 03 Aug 2020 16:43:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3403

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 287ms
36ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&cmcv=&pix=31589837&cb=1596473038438&uv=28124&tms=1596473038438&abt=expl_vZ!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1596473036241.494!ts:1596473038437&mntl=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 16:43:58 GMT
server: nginx
content-length: 0

GET
H2 200 st
imprammp.taboola.com/ 0
83 B 39ms
36ms Image
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&cmcv=&pix=undefined&cb=1596473038438&uv=28124&tms=1596473038438&abt=expl_vZ!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=CC18B0E031160822901508188418&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
via: 1.1 varnish
server: nginx
x-timer: S1596473038.463389,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19128-FRA

GET
H/1.1 200
OK prebid3.23.js Show response
pr.realvu.net/ 197 KB
61 KB 135ms
134ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/prebid3.23.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jul 2020 15:53:08 GMT
Server: nginx
ETag: "5f243e64-f337"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=43200
Connection: keep-alive
Content-Length: 62263

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 9B8E 86 KB
29 KB 26ms
26ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a5f150d0d3fb38f9df3cfab7a435bd79a8e518b6806af856c2481069f4b97a3

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Encoding: gzip
Age: 2866
X-Cache: HIT
Connection: keep-alive
Content-Length: 28895
x-amz-id-2: JV9He8Hf24slJikkkGPw2IYt7JsMWU5q/56TXX21VWZlTjdxRccM/b+BoaSlb45cDUtB7qEHLcQ=
X-Served-By: cache-fra19140-FRA
Last-Modified: Mon, 03 Aug 2020 15:54:21 GMT
Server: AmazonS3
X-Timer: S1596473039.600962,VS0,VE0
ETag: "8ea852dca932197e501c5887486ca752"
Vary: Accept-Encoding
x-amz-request-id: 81E9F1D4EF73E4CB
Via: 1.1 varnish
Cache-Control: max-age=3600
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 26

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B8E 0
0 63ms
62ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMEBXehrtFRVop_cEDCr9C9W012WWQU4gplaLaxu9-uvWKNlAW5hXNSSVE0W4OuCg2REUpXZP67H-AVVRyB86tsPGjyutCQcaqSP-YoWuz6IFyaRqASdjzQc_vIT28TNQwxfkhIKZM56YENo1VcalQVPrFj2FN7SYY79yCnBQRrglkec4Ppo9ImPmXAi6jBdaSKlp7B2pnUQ1m8hu0yc41yOjqKzbE-PIWFUpyG5v5niYslRciW_4VDT_X6jvRTqa86eYzvSJafUzSjIKnKha2lcj0H0E3xv-36vQ4R12q39g&sig=Cg0ArKJSzNyAi8g4iJKnEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame 9B8E 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 435144
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B8E 73 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:58 GMT

GET
H2 200 5219350454417248838
tpc.googlesyndication.com/simgad/ Frame 9B8E 58 KB
59 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5219350454417248838

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf71e9cfbe72f2a8cc1964df9e47e4c8ad7339d4d514201344a0544d13b77081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 30 Jul 2020 15:26:16 GMT
x-content-type-options: nosniff
age: 350262
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59829
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:40 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 30 Jul 2021 15:26:16 GMT

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=970x90_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
893 B 239ms
128ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=970x90_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 28fe59ea4fb3f127ce787154d8c46573c3d110a5c4e949b65b5612c64281cfe8

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 601
X-Proxy-Cache: BYPASS

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 9B8E 42 B
132 B 143ms
142ms Image
image/gif 3.128.54.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=8878095&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.54.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-128-54-90.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 16:43:58 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B8E 0
54 B 63ms
62ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseRV3B6JqVvn8-GCHn1XpG2xg_kkPqxKG3v5xxCeQvVPCb_EMcHCQt3UPxruHoAckzeByIZ1fwGFmSCcl_wpGbo9qbZoDL_KkQFkEj5f0CdiEvF7DAGdDooTv0Xxehyfpw_KYlUuD6xXRWTlTwXqgtycl1X9Qg6UdHAuYN3ieKjL6GiOMDUJ9iAmZz9wAf6L_93YeZmnAIdXzKLTS2dPsxgxYrv_w3ekj-bWQ_pEOjtefBB_VSEs4TSJ3c88XyPS_vSwtk_EP6VnkPQs--25z40xwvNV_0e1nvjJZoDyctUUAhhA&sig=Cg0ArKJSzALqdaiKy1rZEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:58 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B8E 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1ecf910d22884127d5d1bead25d5c3ae6b5db862657b9a22d6f8ab648b4c7266

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

POST v1
prg.smartadserver.com/prebid/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
1 KB 94ms
94ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=518771&v=7.2&r=%7B%22id%22%3A%2252e40267bcf504%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2265804eb5a67cf%22%2C%22ext%22%3A%7B%22siteID%22%3A518771%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22durationmedia.net%22%2C%22sid%22%3A%2221851507967%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e0e25e7e96a947fc5cd11caa636d49b1079bde39f45024e1f672276a028d52d7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:43:58 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 03 Aug 2020 16:43:58 GMT

POST adreq
ads.servenobid.com/ 0
0

POST
H2 204 bulk Show response
trc.taboola.com/cox-kiro-tv/log/3/ 0
424 B 64ms
63ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/bulk?route=AM%3AAM%3AV&lti=dsbl-ccpa-2_ctrl&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200530-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 36
date: Mon, 03 Aug 2020 16:43:59 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4080-HHN
pragma: no-cache
server: nginx
x-timer: S1596473039.073303,VS0,VE36
content-type: image/gif
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9B8E 42 B
198 B 39ms
38ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstnujY2LnaCKWNfp0777zdLAIdri-LYO--felFdWUGwQMU6RGcgBNBqppzNt-u8G1OlFxZYWgYj8mqxV98NQIFLdxYWxBFHvf9egDMvKZw&sig=Cg0ArKJSzN0dfyct4b5DEAE&adk=900421243&tt=-1&bs=1600%2C1200&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&p=107,315,197,1285&mcvt=1008&rs=0&ht=0&tfs=2&tls=1010&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596473038587&dlt&rpt=68&isd=0&msd=0&ext&xdi=0&ps=1600%2C6555&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-2-10-10-0-0-0&tvt=1010&is=970%2C90&iframe_loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=970x90&itpl=3&v=20200731

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:43:59 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/ Frame 4EBD 77 KB
18 KB 78ms
26ms Script
text/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7886aafe1c8c73c9302ffd4023ba2e8242347eaa7d2dbd49c822046c54e9fcf4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:59 GMT
Content-Encoding: gzip
Age: 557
X-Cache: HIT
Connection: keep-alive
Content-Length: 17942
x-amz-id-2: dycNheyuaP2k0Snc347bzXujPmCaO6RKcNj6EuYy689vQUyqrMLfNWxNI9/5DZb7sMYkFuHM1zM=
X-Served-By: cache-hhn4048-HHN
Last-Modified: Mon, 03 Aug 2020 16:12:37 GMT
Server: AmazonS3
X-Timer: S1596473040.794431,VS0,VE0
ETag: "186ae45e8d7f5f60ac15cd02f1f1bc19"
x-amz-request-id: 6M9P9R1J6R1H2PBT
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 119

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4EBD 48 KB
16 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb3e58fd048eed36978e4549137819e9d959f9e98cf17db21f11ae63caa3704

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "590 / 719 of 1000 / last-modified: 1596471782"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16581
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:59 GMT

GET
H2 200 pubads_impl_2020073001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4EBD 257 KB
90 KB 62ms
62ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 30 Jul 2020 13:10:45 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92315
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:43:59 GMT

GET
H2 200 integrator.sync.js Show response
adservice.google.de/adsid/ Frame 4EBD 113 B
175 B 14ms
14ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.sync.js?domain=www.kiro7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 108
x-xss-protection: 0

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202007291639/ Frame 4EBD 154 KB
49 KB 26ms
26ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202007291639/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00fbabc2017b4dbfa1cb1fcccd1b84051b0af07af7b6fd0aed403b5e30c6c80a

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:59 GMT
Content-Encoding: gzip
Age: 471
X-Cache: HIT
Connection: keep-alive
Content-Length: 49623
x-amz-id-2: U+O0Y8LoFl8nhkCKHKJLfTW9ucG2v/NP4hSOEnvt9sCeLPFVaLQ95bI4qeGZ6MeHubnq4OCJWDk=
X-Served-By: cache-hhn4048-HHN
Last-Modified: Wed, 29 Jul 2020 20:40:31 GMT
Server: AmazonS3
X-Timer: S1596473040.843746,VS0,VE0
ETag: "b05c55dd0c64d4934ee7277de87ba333"
x-amz-request-id: E74F382363B8A56E
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 1077

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202007291639/ Frame 4EBD 69 KB
22 KB 77ms
26ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202007291639/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7c8a703a2805b5cb43af63206ed809cd4278f7f9b102e58b02ee197e9aec2eea

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:43:59 GMT
Content-Encoding: gzip
Age: 683
X-Cache: HIT
Connection: keep-alive
Content-Length: 22251
x-amz-id-2: Pq0XccErxa9Ygr/1bFzFnqVXLCbedmxvyQLhBaRP1bmLGUlPeXrpCGV2wi4ZXg9m2QRK4yxKfOY=
X-Served-By: cache-hhn4048-HHN
Last-Modified: Wed, 29 Jul 2020 20:40:32 GMT
Server: AmazonS3
X-Timer: S1596473040.894461,VS0,VE0
ETag: "18b744726bfdb9bdc4c460d213755523"
x-amz-request-id: FE601FD39220EE89
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 652

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4EBD 4 KB
2 KB 159ms
158ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1651004891648158&correlator=2509314322444338&output=ldjh&impl=fif&eid=21066625&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=21688424927%2Ccoxmediagroup%2Ckiro7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=6&cookie=ID%3D04ca9d020d8eb830%3AT%3D1596473037%3AS%3DALNI_Ma3-ya2CY_0L-eee4UKdkYHgzkg9w&cdm=www.kiro7.com&bc=31&abxe=1&lmt=1596473039&dt=1596473039897&dlt=1596473039723&idt=168&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1235&adys=533&adks=1324954882&ucis=romwxslmovcs&ifi=1&ifk=2066112500&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=kiro7.com&loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&top=www.kiro7.com&dssz=6&icsg=10&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=1997000076.1596473040&ga_sid=1596473040&ga_hid=65048728&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

f9bd04baa6ad3f8c8932f75939145adaa96a2aade838d61df813430898b97730

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
google-lineitem-id: 5212383521
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138305585419
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 4EBD 0
0 48ms
13ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 4EBD 0
0 6ms
5ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET view
securepubads.g.doubleclick.net/pcs/ Frame 4349 0
0

GET osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4349 0
0

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4EBD 71 KB
27 KB 121ms
121ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27106
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:44:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4EBD 7 KB
6 KB 28ms
17ms XHR
application/json 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020073001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b20ab234967b117020e88661b505c6b12e64a2bfc59fa6beabcab10d4ae44a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5717
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4EBD 14 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:44:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4EBD 4 KB
2 KB 144ms
144ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1651004891648158&correlator=2509314322444338&output=ldjh&impl=fif&adsid=NT&eid=21066625&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=64387298%2Cdurationmedia%2Ckiro7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=6&cookie=ID%3D04ca9d020d8eb830%3AT%3D1596473037%3AS%3DALNI_Ma3-ya2CY_0L-eee4UKdkYHgzkg9w&cdm=www.kiro7.com&bc=31&abxe=1&lmt=1596473040&dt=1596473040108&dlt=1596473039723&idt=168&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1235&adys=533&adks=3314034807&ucis=w4qln9ipju54&ifi=2&ifk=2066112500&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=kiro7.com&loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&top=www.kiro7.com&dssz=3&icsg=2&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=1997000076.1596473040&ga_sid=1596473040&ga_hid=65048728&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d43551f7b2a632580f179c38600c2664f69267b332d61c3b01f3b0c03e9185c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2073
x-xss-protection: 0
google-lineitem-id: 5318450526
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138312203499
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 7D96 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 03 Aug 2020 16:25:29 GMT
expires: Tue, 03 Aug 2021 16:25:29 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1111
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET view
securepubads.g.doubleclick.net/pcs/ Frame 023E 0
0

GET osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 023E 0
0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4EBD 0
57 B 39ms
38ms Image
image/gif 2a00:1450:4001:81a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020073001&jk=1651004891648158&bg=!LC-lLzdYGqTs0RMEQNICAAAAQVIAAAAQmQGbBL7Ohc4fwaAaYi0ymzdiHpVUTLBhfYEoHAgd6aZY0PE2cxinzxpftMfEDyo1ujY3nktuX1kiZ0Qd8MPj-zeOA3QxSTI_NUYDTt5DJz6QocAzPy_AiDNlL1ptJR8X847xuFT0wLkAY-OVOy2CDgMh5Nz5R-ojwxKNu9LoOFapx7jxKAq-6dnM4grysndOseQRirnIKBswhYpT5a4RSGPc1WkTPd4dgLqS1F4EOu2iBQF09E3RJwExyAe8q5JTqPIY8eEsIxv2CcH_h2NlMxKE7yO6rfnyxZ-GSfVNiclOcj7W7CXNAea0beaTl4CPakhYhU4sQZsE0mspdb_rvZJ9ciPUgxO0U64FGhcqQ-kcN117UqTu3HV1rlPFlbJOf857hkD_eUP6iFLiTwAgD0gXqO-8W4OIEGda2Ig7FPkGYYGN6waZmP6ZTn-luUmE6lU1DV-9VLd4BIN9gcG_h3-0649HOg7a30i8ZyLaWifUOkyvv8p7ag0_bg_SbHu1nJ0h0tpkVPvofEqpb7XZujq_9WGzyLmYU-HdM_k0

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:44:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4EBD 465 B
428 B 305ms
305ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1651004891648158&correlator=2509314322444338&output=ldjh&impl=fif&adsid=NT&eid=21066625&vrg=2020073001&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cduration_passback&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&eri=2&cookie_enabled=1&cdm=www.kiro7.com&bc=31&abxe=1&lmt=1596473040&dt=1596473040313&dlt=1596473039723&idt=168&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1235&adys=533&adks=2750529707&ucis=ez8fjr43u0ls&ifi=3&ifk=2066112500&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&top=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=3&icsg=2&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=1997000076.1596473040&ga_sid=1596473040&ga_hid=65048728&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

16bf95bf6827edd10966dabc7dd1824b9a3191c7165994bf475d7b440a8af8b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:00 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 259
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 40FE
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

0
0

38ms
38ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=1e4b2bf0-8842-0305-240b-9cb0e2387ba7|1596473040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=1e4b2bf0-8842-0305-240b-9cb0e2387ba7|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596473040|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 16:44:00 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 16:44:00 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=1e4b2bf0-8842-0305-240b-9cb0e2387ba7|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
date: Mon, 03 Aug 2020 16:44:00 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame B76E
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

0
0

38ms
37ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=e3c2f8fe-cf36-0322-3690-0564cf44e807|1596473040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=e3c2f8fe-cf36-0322-3690-0564cf44e807|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596473040|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 16:44:00 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 16:44:00 GMT
content-type: text/html
content-length: 417
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=e3c2f8fe-cf36-0322-3690-0564cf44e807|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
date: Mon, 03 Aug 2020 16:44:00 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 6022
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0

0
0

37ms
37ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=babda6e3-a851-0ade-0a38-53c879eb5540|1596473040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=babda6e3-a851-0ade-0a38-53c879eb5540|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596473040|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 16:44:00 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 16:44:00 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=babda6e3-a851-0ade-0a38-53c879eb5540|1596473040; Version=1; Expires=Tue, 03-Aug-2021 16:44:00 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
date: Mon, 03 Aug 2020 16:44:00 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame 0E97 0
0 97ms
31ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Mon, 03 Aug 2020 16:44:02 GMT
Connection: keep-alive

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 7B0F 0
0 40ms
39ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: SPugT=1596473042
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=149248
Expires: Wed, 05 Aug 2020 10:11:30 GMT
Date: Mon, 03 Aug 2020 16:44:02 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 sync.html
public.servenobid.com/ Frame 9814 0
0 109ms
29ms Document
text/html 13.224.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.224.194.68 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-194-68.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
last-modified: Sat, 01 Aug 2020 20:33:29 GMT
server: AmazonS3
content-encoding: gzip
date: Sun, 02 Aug 2020 21:06:05 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9e62923882d737ac8cd27f0d1b1c24cf.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: G0ARIM5mSxIQ5K-W6vTu4DikeUDy2GCec35GEu5MSclefftdU2o_ug==
age: 70678

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 373ms
123ms Image
image/gif 18.204.98.179
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=fnPRKDfxTuFCN5M98&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6555&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=1118&t=CdWE7-CFCGYGCq8BGsCCLEQ7CWr3ld&V=120&tz=-120&sn=2&sv=DRSkozDRcPkyfUYQXBOg2xhDzLbA1&sd=3&im=067b2ffa&_
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.204.98.179 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-204-98-179.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 03 Aug 2020 16:44:12 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 wxwidget.measurement.js Show response
widgets-green.media.weather.com/chunks/ 2 KB
1 KB 37ms
6ms Script
text/javascript 2a02:26f0:6c00:193::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-green.media.weather.com/chunks/wxwidget.measurement.js?v=32fc4b97e2c206e3a91b

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:193::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.16.1
status: 200
etag: W/"8d8-w3oHgFZXhvm52E/hPRrBHj8QoTg"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=46600
date: Mon, 03 Aug 2020 16:44:14 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 969
expires: Tue, 04 Aug 2020 05:40:54 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/32816940/ 0
400 B 105ms
36ms Script
application/x-javascript 104.108.64.33
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/32816940/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 16:44:14 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Thu, 06 Aug 2020 16:44:14 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 30ms
17ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020073001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

34c11cb41852783fc96b461eaf225716e467e110058721f33f35ced3f8b87ad7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 16:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5677
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 26ms
14ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 03 Aug 2020 16:44:14 GMT

GET
H2

200

1
twcimaxweb.112.2o7.net/b/ss/twcimaxweb/
Redirect Chain

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

43 B
0

39ms
39ms

Fetch
image/gif

15.188.154.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.154.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-154-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 16:44:14 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 04 Aug 2020 16:44:14 GMT
server: jag
xserver: anedge-7447d85976-kdxlh
etag: 3428399778022916096-4614159218293158042
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 02 Aug 2020 16:44:14 GMT

Redirect headers

date: Mon, 03 Aug 2020 16:44:14 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.kiro7.com
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 302
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 04 Aug 2020 16:44:14 GMT
server: jag
xserver: anedge-7447d85976-lpqpb
content-type: text/plain;charset=utf-8
location: https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 02 Aug 2020 16:44:14 GMT

POST
H/1.1 204
No Content /
685b3919.akstat.io/ 0
354 B 377ms
362ms Other
image/gif 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://685b3919.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 16:44:15 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 03 Aug 2020 16:44:15 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 9F68 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 03 Aug 2020 15:41:46 GMT
expires: Tue, 03 Aug 2021 15:41:46 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 3748
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
233 B 39ms
39ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020073001&jk=327709670132435&bg=!NTalNi5YeAsSm5wx5jUCAAAAQ1IAAAAMmQGE6jYbdR4ahIMH3A2wfiAz155ZeJXkyVarp88IZQ416dkacs8oSVBWsXqnuOoKjySIPKaLu_i3EwS4hdoyswL0JmMrBzPEx_Pc6cok161m9aVrUif0XFMGhWnTnbcBcw3iP-DsIMrufZsLBr6qdwjb3X6p756OVsFDAbPC4_F6jyYrUYY7Yfld1fmTKSuvJup9tkj_aUp7QbooPYEJvrEHpI5fbQVSB_Al6IsMa6014rr2B_DijDgKjW4hFt8ypWw9yISYXYmx1vfm1xp5falWoYrXLHsSvlqYQOLR7kZG_6rpZ9E65jdx42UrxDmoByv18DmKsLnA-XJGPlbgv-Xmwsr_qknE2cVe54xDmjqwIb_cDyNZfnd62AG5LH8FQY0rJR0xDd_RX4eVxNUcrloAS1nrABte7YCCR7Rb_qA0jrQofdvefT1RJCl2SiI252pR1MyQZCofMR6zP5Z86e4DJlTRLVZNCNNBoEM9IAL1pCMXHBEPzL6y92QSTr15WWjGaK6LSg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 16:44:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
am-match.taboola.com/ Frame 47DF 0
0 108ms
37ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7UZ4CFgNSWsMbchQ1fQRSWsMbchQ1fQUAAAAGBvQHHMNhDCeEFWGzWMwGw8lkOVisBsPFcDhaDIfAMRzGcEJYETaLxWwwnEyGy8Vwt9xtdpvRagorxnKZDGqBhGX2-w4KyunpMbsMoqLrbbE7nGbPQa1mWD5Gg2Sw2K1hD02nw-e612udlr9vrvG7_VKX5_NyS_12l-cv9PveQofH67J83grLy605vRxmp93nFrruJsvL5HnrbW6102x2-u2et97mFvnNZofl85ZZ_m637uE5Ou0-09_uVt1dbsPZ73y77Ka35vk5vdx-OQAAAAA8AChhbkP8AAIARAAAAABIAAAAAFAEVPxbCFwAAAAAYAAQcG1pADxzLKzD6XlZHq6f5_QPAICHAhAAgAGFEAAAAAERAAAAgBEAAAAAEgCBv5oSAA-KJRMAgIC5WhqQiRMAAAAAAAAAAJb_____GIC86xQZgAytoB6ABx-AB6KC1CJGAAAAALmcr2tHkzqhsqgCACBItwK4AgAImKutofINAwAAEBhboIfF7zc77Bq_22UAAAAAAAAAAGb_Z_9oQj4o9mlA9wo9ar-AAABrv4AAAGzqBgDwJgAXdAStGAxWR0CbwWR2AAAAAHf_____eiCwco5ck-FqubJYFjPPxjAxjma-5cIyMk12K-Nse7WE5wBAWlKQfS3CMvt9BwXl9PSYXQZR0fW22B1Os-egVjMsH6NBMljsBuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwK4GeAEDYeDxW6w2C0Ww8liMhosBwsUiMEEJ2Q42kxWo91qN1kOJ6PRbDPZIEWrVrPRZjBczSaz3W41HAyXoxFStGYxm0wWs9FytxksJ6PBcDIcIoytZh7XyrBYS0ab0Vq0WizXwonD4pYYRzPfxrYYThwet-j1Md0mi41nZNuiYMDeXgQX6UTjN761TsvfLbpdxBLNySKdyC77wso5ck2Gq-XKYlnMPBvDxDia-ZYLy8g02a2Ms31tNfO4VobFWjLajNai1WK5Fk4cFrfEOJr5NrbFcOLwuEWvj-k2WWw8I9u-sVrORrvJcjHcN1bL2Wi3GWx2-w6d4bv6nI3StMHWMdlmx8LtGzMdJC6DxftSn87DgrFg_X2OTqFEsSzqjH6_3-_3-_1-v99v0HoOZoPCNy0ejq_FSzq7pbyLWCI4XaQT0ct4uoglkqdFOpEYV47JyDlyWAyTjW3mMRlHNsvMsluZPL6ZbTSaiCVK00U60Utdns_LLfXbXZ6_0O97Cx0er8vyeSssL7fm9HKYnXafW-i6mywvk-ett7nVTrPZ6bd73nqbW-Q3mx2Wz1tm-bvduofn6LT7TH-7W3V3uQ1nv_Ptspvemufn9HJb1H98iOFqrljN5ordaq4Y7FYJAAAAAAAAAGAJU-ZNAAAAAE6DmG1mm91yAR4Qw3SBQQAAAAAAAHaJTaZLUu-WyosbP14Yv_GtdVr-btHtzJs9E8RarZY1AACAADYAAEAAt24!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
date: Mon, 03 Aug 2020 16:44:18 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/adreq?cb=5920

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuysQWREO__fehh4A9IyB6AN8kITHZFLxYZ2juuojwwTeTqqBFud-w8u2T82cgkz1Tb3UDH2vg4SlkW6z97zBl3Mj6HEzH-3hB91PRtS3Vkn5EZSPzjvP5i7suiB3zpgEmk-sOZN1T5YiDH-9Vl9Y27wC1ZF67Redz2pVLBXyzy9qhtKoQ7tHab7jugZLNUDlLW1J-2jpBbEu1pzEALGOxltBA4vzIgPnDNp78BE8CCzvCXvKPQzTsTf2uoeOGpUjl_ezu_8bbE&sig=Cg0ArKJSzNRaUxCwpCwwEAE&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvEa3oE-hXMKMsmH6ZOuoez3xS8iRSo4TjOfMMNLDbovMZz2RJsNWdc_sJWcTV8LMSXco1ni4XRyyXBBikJk_nM97lhoSP1jHdHIEzFbULBsKuXuWmI1A1PNRyC7Y1DFKNvfE2h6I7H0SEyVIA135cp1h1QqLzIO1G-2aRwB-Gn4If-0c45vMxR2OUwQgrUfYwcFmcDGtHAnkQGppNUF8M0JM5F-ESDBnIHWQT_lxujQiyZfSPNwxkAfYwM45dA8Uqo3_S7thE&sig=Cg0ArKJSzBEvz4_sk_mHEAE&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

301 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pubmatic.com/	1970-01-19 13:37:29	Name: PUBMDCID Value: 3
.pubmatic.com/	1970-01-19 12:11:05	Name: PugT Value: 1596473054
.pubmatic.com/	1970-01-19 12:11:05	Name: KRTBCOOKIE_336 Value: 5844-5825229706286180674

12 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: digioh fired
console-api	log	URL: https://membercenter-sdk.cmg.com/sdk/main.min.js(Line 311) Message: [MemberCenter] SDK fetching tenantConfig
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[970,90],[728,90]],[[728,90]],[[320,50]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250],[300,600]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020073001.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: ' { "@context": "http://schema.org", "@type": "NewsArticle", "mainEntityOfPage": { "@type": "WebPage", "@id": "" }, "headline": "How hackers are stealing hundreds of millions of dollars from Washington’s unemployment system", "datePublished": "2020-05-22T00:45:56Z", "dateModified": "2020-05-22T00:45:56Z", "articleBody": "Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response.“Someone else had used my social security number and it also showed a strange email address,” says Dawn.Dawn is one of a growing number of victims of "impostor fraud" through the Employment Security Department, which administers unemployment benefits.ESD would not give precise figures, but now admits tens of thousands of fraudulent accounts have been created, and hundreds of millions of dollars have been paid out to impostors through May 21. Those numbers are for Washington alone, and may rise as more individuals and businesses come forward to report fraud.Federal investigators appear to be focusing on a cybercrime conglomerate in Nigeria. Armen Najarian, Chief Identity Officer with Silicon Valley-based internet security company Agari, has been tracking them, too.“They’re very good at what they do and they’ve been doing it for a long time,” says Armen.Agari has connected more than 140 of the first 700 fraudulent unemployment claims in our state to a Nigerian cybercrime group named Scattered Canary.“They’re diversified. They have a number of lines of businesses. One is business email compromise, where they might impersonate a CEO reaching a CFO asking for an urgent wire transfer,” says Armen. “They’re involved in real estate fraud scams where they are diverting a payment or mortgage transfer.”Armen says the group has found a way to have a single scammer obtain, and then use, hundreds of Gmail accounts to fraudulently apply for unemployment benefits using stolen social security numbers and other personal information. He adds that the Washington Employment Security Department’s rush to pay applicants may have made things easier for the thieves.“The law of unintended consequences, right? What was intended to be a pro-citizen policy has perhaps been exploited because maybe there wasn’t [sic] the in-depth verification checks that have existed if it wasn’t more locked down,” says Armen.The Commissioner of the Employment Security Department says additional measures recently put in place have blocked "hundreds of millions" in additional fraudulent claims, but would not explain how she got that number.Mike Hamilton, with the Seattle-based internet security company CI Security, has also been following the Scattered Canary developments. He believes American authorities may have to consider new incentives for countries known to harbor cyber-criminals, to prevent those groups from attacking american targets.“If we treat our logical borders like we treat our physical borders. and say you can’t control all the crime in your country that’s sucking money out of my country – great! We’re going to cut off legitimate business at the border router and we’re going to let your business community howl at you until you clean up your problem,” says Mike.And that could help cyber crime victims like Dawn get the benefits they desperately need.“It’s hard because I’ve gone through a lot of money on my own when I could have been receiving unemployment,” says Dawn. “A lot of savings for my retirement, so I’m going to be working when I’m 80.”You can check out our previous reporting for a checklist to see if you’ve been victimized, report the fraud, and protect your identity.UPDATE: Washington’s Employment Security Department says the Department of Justice is leading the fraud investigation. Here is a statement their Seattle office sent us after our story ran:“In any fraud investigation and prosecution, our focus is on finding and securing the proceeds of crime, so that we can return them to their rightful owner. This investigation is no different. A team of federal law enforcement agents is working hard to identify, and recover funds from, accounts that have been used in this fraud. Last week, a diligent financial institution, with which agents were working, was able to prevent $120 million from being distributed to criminals. Agents are assisting in recovering millions of additional dollars, with assistance from scores of other banks and credit unions. I commend the Social Security Administration Office of the Inspector General, the Secret Service, the FBI, and the Department of Labor Office of the Inspector General for their quick and urgent work to reclaim these funds and other criminal proceeds that we are working to identify.”See the rest of our reporting on Washington’s unemployment crisis:Victims of unemployment fraud have assets frozen by bankImpostor fraud continues: Seattle man's information used to apply for unemployment benefits in three statesScammers swoop in, swipe Washington unemployment benefits – and how to protect yourself if you're a victimAt least 55,000 people in Washington wait for unemployment decisionsDelays, denials as Coronavirus fuels demand for unemployment benefits", "author": [ { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } ], "publisher": { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } }, // will be empty for branded publishing "description": "May 21, 2020 Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response. “Someone else had used my social security number and it also showed a strange email address,” says Dawn. Dawn is one of a growing number of […]" } '.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
198cd06afb5add1506af7e66b3238ef1.safeframe.googlesyndication.com
2b0b89c077c87173c841d62727a15297.safeframe.googlesyndication.com
685b3919.akstat.io
aax-eu.amazon-adsystem.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.taboola.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
coxmediagroup-d.openx.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
includemodal.com
includemodal.global.ssl.fastly.net
jadserve.postrelease.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
log.outbrainimg.com
mab.chartbeat.com
member-center-api.cmg.com
membercenter-sdk.cmg.com
pagead2.googlesyndication.com
ping.chartbeat.net
pr.realvu.net
prg.smartadserver.com
public.servenobid.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
trc.taboola.com
twcimaxweb.112.2o7.net
use.fontawesome.com
vidstat.taboola.com
widget.perfectmarket.com
widgets-green.media.weather.com
widgets.media.weather.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kiro7.com
www.lightboxcdn.com
ads.servenobid.com
hbopenbid.pubmatic.com
prg.smartadserver.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.108.64.33
13.224.194.68
13.89.172.6
141.226.228.48
15.188.154.177
151.101.113.194
151.101.113.44
151.101.13.181
151.101.13.194
151.101.13.44
172.217.21.226
18.204.98.179
185.33.220.242
2.16.187.51
213.19.162.21
216.58.212.162
23.111.9.35
23.210.248.65
23.210.249.164
23.210.249.92
23.210.250.13
23.210.250.44
2600:9000:2057:ac00:18:1fcd:34e:d2a1
2600:9000:214f:1e00:16:b34:fdc0:93a1
2600:9000:214f:b600:a:588b:e680:93a1
2606:4700::6810:4ea5
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:806::2008
2a00:1450:4001:808::200e
2a00:1450:4001:816::2001
2a00:1450:4001:817::2004
2a00:1450:4001:818::2003
2a00:1450:4001:819::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81e::2001
2a00:1450:400c:c06::9d
2a02:26f0:6c00:181::11a6
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:193::3282
2a02:26f0:6c00:196::3282
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:1b::714
3.128.54.90
34.98.64.218
52.45.140.238
52.9.74.36
52.95.123.167
54.85.197.32
64.202.112.191
99.86.0.120
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
00fbabc2017b4dbfa1cb1fcccd1b84051b0af07af7b6fd0aed403b5e30c6c80a
028827b1c4e320391b5b24f3111fb3305284d93a158056e658133f4753721549
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06c9511509b3989aae791a0938c44c411473725e2c014870dd68ce58d40d1631
06cbc115d73b1db210dad2f2e343ca9b5a2017b1a9d042e100f9697c322dce34
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0a3f7c98e6aec5059a8ddb49b53cbf700036153e34d646aebcee714eaae3e6d0
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
0fa854ada74938dcb0997979bc25880d48219922ea67a0c27166ef8d21b31c62
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768
16bf95bf6827edd10966dabc7dd1824b9a3191c7165994bf475d7b440a8af8b2
1a1d846a5bf4af0e523bf1fc12389d7c73c2ff454e632372af5570afc5eb06cc
1ada6cba8fa53b338e731e5e8813a53ed00637c9b6a44ce728e34c46959120b1
1b8c51afc45c1b453c9e415db2b7e20359f347baa62c98c67d18724ce90c7717
1ecf910d22884127d5d1bead25d5c3ae6b5db862657b9a22d6f8ab648b4c7266
28fe59ea4fb3f127ce787154d8c46573c3d110a5c4e949b65b5612c64281cfe8
29c91e831894114cbf1267410830f80eb32e92ba01eaa0480414b94a04eb534f
2c456d8ce088ba1a571f4d7db9c44cb8b25aaa9e30487be1afac06af0c4d9f78
2cd7ad5d864759e260673f64f07a2d8f5567a65c9fcd892708931f3fc86d2212
2e287ecbec5763b582bf2fc5edfb9061d703fe11ee257defecb25868af9be1c1
34719aea4e443860422169ebf51a057ef51c19942ed3d5adb65154d3659200bd
34c11cb41852783fc96b461eaf225716e467e110058721f33f35ced3f8b87ad7
36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833
37c950ed2fef062f761b7b2e4c8d4f230718b3824fe8b2be6cc714b83b55b01b
3814ba41228b3db597942953bbf8f0686e63ec914a2ebad8b609fb7618854123
38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3cd39cb32bd2edb00a2f3b7d724fd4c7d7f09f4b2e5885bbc86b9b37fb1d96a7
3f764ec8a7f6f38ab5fe952f51ed580321c0af7c46edf61562b6616b0df79b4b
3f97abe7bd4941d63d3773754603e83c3988c9d89d333cd3742bfa9ba63de133
4330f13f7ef56eb8e9a7d96f3875958184b028bc0b4e018a9197bdddbc406f1e
4749f95d6ba82bfeefaf03591643f873461c42ad2e0e973b21ace71c41bbfc81
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
5402c68a3d6c370f965523f37326cc6472a5645db502b794b099ef525887d73f
558927ad5d1d06e0802f36ca4ab513a74d6cc3cf03187dc6ec163327f21c6919
57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4
58b20ab234967b117020e88661b505c6b12e64a2bfc59fa6beabcab10d4ae44a
5a5f150d0d3fb38f9df3cfab7a435bd79a8e518b6806af856c2481069f4b97a3
5bb3e58fd048eed36978e4549137819e9d959f9e98cf17db21f11ae63caa3704
5c42415b8134f156226e5be62b863648956e93fb55d652bd30d275208e4c52b1
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5c825d3b5e126104be23ef131bc5eb639bbf1a4b14e596e294cae82781366890
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
64174c77b5a80870cf978e69f024e86c45f235a3f59c7041010074031b9fe2fb
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f
67db1e3e59c2d37ec6ddfd23403e6aedb4c02e864c371db85a4127f679ae1d67
680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d
68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298
6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2
6c8a38e7a5cf21c2e725e23283a36abf4de52b1e994d37d5a5fbace8d212364e
7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
745f4b11e491de328e1088fb94e7c5f3e7ee943369af5e3364776de7a87e86f9
74c7c5d32d77cec7aaa1501ce9e6506dc481c06b6f8ccc68e632a2f947b8527a
7503420f025be01af76aa693b684595b1259f2551125f17259f16d3130fc268c
77873a17a6d4a69497239d572826ad5520f5d9939be4b05ab573da36effd2b2d
77eff823bfb895038c13cee3cda8bb2535aac178145763f9e21156d7072b18e5
7886aafe1c8c73c9302ffd4023ba2e8242347eaa7d2dbd49c822046c54e9fcf4
79cf058fe61429a23dd4fe831fb68769c6bff837fee81b7015a6278622ece51e
7c8a703a2805b5cb43af63206ed809cd4278f7f9b102e58b02ee197e9aec2eea
80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
855289cc19b5b5cfc67989b144ab2cd4639e16f76b7b99a8be4e7d522dad57d9
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8984b550e516ee14f476d8c0e82d2f4f65d4fff8acf5df581f2a57017685ed1e
90b4e75447421dd257aa7717c257c6ad2ebaf1344b126daba025464f37eb5587
921dc7697fdde21fbeb8b1d305a491f670af0883df8d8fb10f76dd151f1e195a
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9
9e45618e80b10e6c0e0cb67ac3297f5cb09640d01dd4656fd62a577916db0acf
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
b351490cd05f959f00f76dbf0ad6576b1a413a19dd0ed20b6630ac2932381adb
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
b7c75ced414597a228d7dcb267cc769ce75fed381b3b6eda6b6397eec4052f13
b86eb14fc7751d06dbaba2ef8e02b288f95e4f9d5f73ba3df7697c1af7d6f839
b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814
b8dd969db14964f46b631f0ba1459c57fc0f8422206a8a0c366950308b32dbcf
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d
bcb9d2163cde368a8e75d8bf6a40c5fe20e1c5126884f076540eeef224f6d2f7
bfa96713a1567680e71bfd0a7ca24382ed92d75626559e1cdf1f1dc2f14a449e
c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c254efeb85c50d89e39b1aea1653b1ff6e19f518704636a0cf3d193a36c971c2
cb5e60718cead03882071e2a1ac65f9c9f33ef46d9b4270ca7f65b720590eada
cbdd20706135f61957fc52135a64586fa2a836d06f9fbba78f973c7ba96b5fba
cd4a7bf97c5381abba0b3090730d0239544a981c3def814338199edc50487e72
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf71e9cfbe72f2a8cc1964df9e47e4c8ad7339d4d514201344a0544d13b77081
d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d
d43551f7b2a632580f179c38600c2664f69267b332d61c3b01f3b0c03e9185c8
d45ada5c1a6c27d3c3b6d023ded26e6ff16b25659d49c9396248072378b29920
d6a1b84dee6b0f3b440b15122326acb38762f7b8f8024e359ce56abe5f0e626f
d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884
d8e3bef1f24aaf618f20d0c3415c7a7432b51d8545e78c3df1260c1015e2661d
d8f1c105623165e8a632ee84c28863aa6ad5b4fb21b5f558ac4acf437a6d5517
d9ca68102c5106e95f3e94dd8dd9ed7d06eb0f8c20909447b2d612d53e7a4284
df4a969300009281daa2b171080c6c305cb0f6284783f0c8543699802cb26215
e07293cc219bd9c25192a1f4a8010774d5408927cea0e7bbc6e945b75b503f01
e0e25e7e96a947fc5cd11caa636d49b1079bde39f45024e1f672276a028d52d7
e184588224db3f76eff3655c775cede9016efddcf00551aa2834b5ef02f49eb5
e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8
e25daba47cce6c049e00e6a356e3973cdc9b4b0e3090c6c797b8e05074f3285a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ce6a9217ef5d350cbff4f936b54330265c12481627a604b20567e5fc7ca2e
e61fd35d987ab2f9b808a6b2e91a62ddc13cc91d5fe317200efdefba070bd731
ea03bfd7fdda1eac185ebc3e8e74b33065b04c8e0adc48cbbd4136748dbd2742
ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028
ea5b566c75154c9714bf3ee063881cf5e74b40daea30152eda0c9ac2df341e16
ebb95661386e94f5ee60b582d964d9864fef0562603b3b827aed2c16a5352cfd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f160f126fb44b72a76e11f7b10e6145c0c61be59606f6e9fb79f530612efe82b
f1672ee2cb2be33db34383566920c4f2ceb6a1daed75a5d955e47136cecc6f9c
f1f4b59fd2e055cdd63da086456203a17d5ee02e195147f439cba69f7a83d4bd
f630c6ea4e44c35a93c0ee2950e68857311d9500d6025abe4a5db3ecaf270e3c
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7923da913970c6b2813790cfb4952653b8aadbcc74d5700a078b8b1b37c8ddc
f9bd04baa6ad3f8c8932f75939145adaa96a2aade838d61df813430898b97730
fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab
fa8b64d1fad753621212cf923d9bbb40926778a6e89865de968ef16f3771e3fa
fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56
fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.kiro7.com Open in urlscan Pro 2.16.187.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

194 Requests

96 %HTTPS

43 %IPv6

42 Domains

66 Subdomains

53 IPs

8 Countries

3732 kBTransfer

11136 kBSize

3 Cookies

34 Outgoing links

Page URL History

Redirected requests

194 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kiro7.com Open in urlscan Pro
2.16.187.51 Public Scan

Screenshot
Live screenshot

Full Image

194
Requests

96 %
HTTPS

43 %
IPv6

42
Domains

66
Subdomains

53
IPs

8
Countries

3732 kB
Transfer

11136 kB
Size

3
Cookies

194 HTTP transactions
2 data transactions