www.kiro7.com Open in urlscan Pro
2.16.186.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://bit.ly/3bToZ0L
Effective URL:
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemploymen...
Submission: On August 24 via api (August 24th 2020, 5:00:09 pm UTC) from US

Summary HTTP 217 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 61 IPs in 8 countries across 48 domains to perform 217 HTTP transactions. The main IP is 2.16.186.170, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.kiro7.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on August 14th 2020. Valid for: 3 months.

This is the only time www.kiro7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	67.199.248.10 67.199.248.10	396982 (GOOGLE-PR...) (GOOGLE-PRIVATE-CLOUD)
1 1	34.239.195.15 34.239.195.15	14618 (AMAZON-AES) (AMAZON-AES)
1 25	2.16.186.170 2.16.186.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
2 6	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	136.144.49.28 136.144.49.28	54825 (PACKET) (PACKET)
1 1	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:dc00:a:588b:e680:93a1	16509 (AMAZON-02) (AMAZON-02)
5	13.226.145.204 13.226.145.204	16509 (AMAZON-02) (AMAZON-02)
1	104.111.215.236 104.111.215.236	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:81e::2003	15169 (GOOGLE) (GOOGLE)
2	104.111.216.19 104.111.216.19	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2be::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:825::2002	15169 (GOOGLE) (GOOGLE)
4	52.86.141.129 52.86.141.129	14618 (AMAZON-AES) (AMAZON-AES)
6	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:298::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:81b::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:218... 2600:9000:2182:7200:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:50a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:218... 2600:9000:2182:5400:10:ce97:9fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
16	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
2	151.101.113.181 151.101.113.181	54113 (FASTLY) (FASTLY)
1	92.122.252.200 92.122.252.200	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:218... 2600:9000:2182:7800:16:b34:fdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
4	52.201.74.173 52.201.74.173	14618 (AMAZON-AES) (AMAZON-AES)
27	151.101.113.44 151.101.113.44	54113 (FASTLY) (FASTLY)
5	104.111.215.135 104.111.215.135	16625 (AKAMAI-AS) (AKAMAI-AS)
3 9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	185.33.221.50 185.33.221.50	29990 (ASN-APPNEX) (ASN-APPNEX)
3	69.173.144.143 69.173.144.143	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81d::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:81c::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:1b:... 2a04:4e42:1b::714	54113 (FASTLY) (FASTLY)
5	35.168.135.69 35.168.135.69	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:26f0:6c0... 2a02:26f0:6c00:191::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.89.172.6 13.89.172.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
1	2600:9000:21f... 2600:9000:21f3:a200:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
3	3.134.241.231 3.134.241.231	16509 (AMAZON-02) (AMAZON-02)
1 2	52.57.212.105 52.57.212.105	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	18.203.164.24 18.203.164.24	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.95 185.86.139.95	201081 (SMARTADSE...) (SMARTADSERVER)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	151.101.13.194 151.101.13.194	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:4001:817::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	15.236.175.233 15.236.175.233	16509 (AMAZON-02) (AMAZON-02)
1	104.111.215.68 104.111.215.68	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.155.128 13.226.155.128	16509 (AMAZON-02) (AMAZON-02)
217	61

1 67.199.248.10 (United States) 1 redirects

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: bit.ly

bit.ly	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.195.15 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

jessejones.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2.16.186.170 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-170.deploy.static.akamaitechnologies.com

www.kiro7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.53.17 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 136.144.49.28 (Amsterdam, Netherlands) 1 redirects

ASN54825 (PACKET, US)

loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9d (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:dc00:a:588b:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)

membercenter-sdk.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.145.204 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-145-204.dus51.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.236 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-236.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.216.19 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-19.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2be::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:825::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.86.141.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-86-141-129.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:298::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
6852bd07.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:7200:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:50a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2182:5400:10:ce97:9fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.durationmedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 92.122.252.200 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a92-122-252-200.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2182:7800:16:b34:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

member-center-api.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.201.74.173 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-74-173.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 151.101.113.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c3.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.111.215.135 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-135.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Mountain View, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

coxmediagroup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.50 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81d::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:81c::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.168.135.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-135-69.compute-1.amazonaws.com

pr.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:191::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.89.172.6 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:a200:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.134.241.231 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-134-241-231.us-east-2.compute.amazonaws.com

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.212.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

d.adtriba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.203.164.24 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-164-24.eu-west-1.compute.amazonaws.com

ads.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.95 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.13.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

confiant-integrations.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:817::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets-green.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.175.233 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)

twcimaxweb.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.68 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-68.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.128 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-128.dus51.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com imprammp.taboola.com c3.taboola.com am-match.taboola.com am-vid-events.taboola.com	1 MB
25	kiro7.com 1 redirects www.kiro7.com	722 KB
21	googlesyndication.com a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com	191 KB
19	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net securepubads.g.doubleclick.net	215 KB
9	openx.net 3 redirects coxmediagroup-d.openx.net eu-u.openx.net	2 KB
7	googletagservices.com www.googletagservices.com	173 KB
6	fastly.net includemodal.global.ssl.fastly.net confiant-integrations.global.ssl.fastly.net	193 KB
6	google.com 2 redirects www.google.com adservice.google.com	2 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
5	realvu.net pr.realvu.net	74 KB
5	lightboxcdn.com www.lightboxcdn.com	125 KB
5	amazon-adsystem.com c.amazon-adsystem.com	31 KB
5	google.de www.google.de adservice.google.de	1005 B
4	casalemedia.com as-sec.casalemedia.com	4 KB
4	chartbeat.net ping.chartbeat.net	672 B
4	postrelease.com jadserve.postrelease.com	2 KB
4	cmg.com membercenter-sdk.cmg.com member-center-api.cmg.com	136 KB
4	fontawesome.com use.fontawesome.com	151 KB
3	includemodal.com includemodal.com	420 B
3	rubiconproject.com fastlane.rubiconproject.com	5 KB
3	adnxs.com ib.adnxs.com	2 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	32 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	facebook.net connect.facebook.net	177 KB
2	2o7.net 1 redirects twcimaxweb.112.2o7.net	557 B
2	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	115 B
2	servenobid.com ads.servenobid.com public.servenobid.com	380 B
2	adtriba.com 1 redirects d.adtriba.com	757 B
2	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	743 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
2	weather.com widgets.media.weather.com widgets-green.media.weather.com	116 KB
2	outbrain.com widgets.outbrain.com	48 KB
2	facebook.com www.facebook.com	354 B
2	exelator.com 1 redirects loadus.exelator.com	2 KB
2	googleadservices.com www.googleadservices.com	12 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
1	indexww.com js-sec.indexww.com
1	akstat.io 6852bd07.akstat.io	201 B
1	smartadserver.com prg.smartadserver.com	1 KB
1	cloudfront.net d2s8wlbatk24s7.cloudfront.net	14 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	758 B
1	durationmedia.net tag.durationmedia.net	997 B
1	ntv.io s.ntv.io	96 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	jessejones.com 1 redirects jessejones.com	161 B
1	bit.ly 1 redirects bit.ly	201 B
217	48

	Domain	Requested by
25	www.kiro7.com	1 redirects www.kiro7.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.kiro7.com
14	images.taboola.com	www.kiro7.com
13	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
7	www.googletagservices.com	www.kiro7.com securepubads.g.doubleclick.net pr.realvu.net
6	eu-u.openx.net	3 redirects www.kiro7.com
6	cdn.taboola.com	www.kiro7.com cdn.taboola.com
6	sb.scorecardresearch.com	2 redirects www.kiro7.com cdn.taboola.com www.googletagmanager.com
5	pagead2.googlesyndication.com	www.kiro7.com securepubads.g.doubleclick.net
5	vidstat.taboola.com	cdn.taboola.com vidstat.taboola.com
5	pr.realvu.net	tag.durationmedia.net pr.realvu.net
5	www.lightboxcdn.com	www.kiro7.com www.lightboxcdn.com
5	c.amazon-adsystem.com	www.kiro7.com c.amazon-adsystem.com
4	as-sec.casalemedia.com	www.kiro7.com pr.realvu.net
4	ping.chartbeat.net	www.kiro7.com
4	jadserve.postrelease.com	s.ntv.io www.kiro7.com
4	www.google.com	2 redirects www.kiro7.com securepubads.g.doubleclick.net
4	use.fontawesome.com	www.kiro7.com
3	confiant-integrations.global.ssl.fastly.net	pr.realvu.net confiant-integrations.global.ssl.fastly.net
3	includemodal.com	www.kiro7.com
3	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net
3	fastlane.rubiconproject.com	www.kiro7.com
3	ib.adnxs.com	www.kiro7.com
3	coxmediagroup-d.openx.net	www.kiro7.com
3	trc.taboola.com	cdn.taboola.com www.kiro7.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.kiro7.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	twcimaxweb.112.2o7.net	1 redirects
2	9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com	securepubads.g.doubleclick.net confiant-integrations.global.ssl.fastly.net
2	imprammp.taboola.com	www.kiro7.com
2	d.adtriba.com	1 redirects www.kiro7.com
2	15.taboola.com	cdn.taboola.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	member-center-api.cmg.com	membercenter-sdk.cmg.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	static.chartbeat.com	www.kiro7.com www.googletagmanager.com
2	widgets.outbrain.com	www.kiro7.com widgets.outbrain.com
2	membercenter-sdk.cmg.com	www.kiro7.com membercenter-sdk.cmg.com
2	www.facebook.com	www.kiro7.com connect.facebook.net
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	loadus.exelator.com	1 redirects www.kiro7.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
1	public.servenobid.com	pr.realvu.net
1	js-sec.indexww.com	pr.realvu.net
1	ads.pubmatic.com	pr.realvu.net
1	6852bd07.akstat.io	s.go-mpulse.net
1	widgets-green.media.weather.com	widgets.media.weather.com
1	hbopenbid.pubmatic.com	pr.realvu.net
1	prg.smartadserver.com	pr.realvu.net
1	ads.servenobid.com	pr.realvu.net
1	am-vid-events.taboola.com	www.kiro7.com
1	am-match.taboola.com	vidstat.taboola.com
1	c3.taboola.com	www.kiro7.com
1	d2s8wlbatk24s7.cloudfront.net	includemodal.global.ssl.fastly.net
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	c.go-mpulse.net	s.go-mpulse.net
1	mab.chartbeat.com	static.chartbeat.com
1	a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	log.outbrainimg.com	widgets.outbrain.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	tag.durationmedia.net	www.googletagmanager.com
1	s.go-mpulse.net	www.kiro7.com
1	widgets.media.weather.com	www.kiro7.com
1	s.ntv.io	www.kiro7.com
1	fonts.googleapis.com	www.kiro7.com
1	stats.g.doubleclick.net	1 redirects
1	www.googletagmanager.com	www.kiro7.com
1	jessejones.com	1 redirects
1	bit.ly	1 redirects
217	72

This site contains links to these domains. Also see Links.

Domain
jessejones.com
kiro7apps.com
storm.wnba.com
www.reignfc.com
jobs.coxenterprises.com
publicfiles.fcc.gov
membercenter.kiro7.com
www.agari.com
om.forgeofempires.com
popup.taboola.com
affluenttimes.com
mackeeper.com
diesel24.de
bewertung.hausgold.de
ad.doubleclick.net
www.conflictnations.com
www.deutsche-treppenlift-beratung.de
marketing.net.brillen.de
www.gutes-hoeren.de
www.aroundhome.de
planbarfinanz-kredite.de
aktion.faz.net
www.coxmediagroup.com
cmg.jobs.net

Subject Issuer	Validity	Valid
cmg.cdn.arcpublishing.com Let's Encrypt Authority X3	`2020-08-14` - `2020-11-12`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.exelator.com Go Daddy Secure Certificate Authority - G2	`2019-05-17` - `2021-06-25`	2 years	crt.sh
www.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
cmg.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.weather.com DigiCert Secure Site ECC CA-1	`2020-03-12` - `2021-03-12`	a year	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2021-12-31`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-19` - `2020-11-25`	6 months	crt.sh
*.durationmedia.net Amazon	`2019-09-20` - `2020-10-20`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-08-17` - `2021-04-24`	8 months	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
includemodal.com Amazon	`2019-12-13` - `2021-01-13`	a year	crt.sh
*.adtriba.com Amazon	`2020-06-14` - `2021-07-15`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-08-11` - `2020-11-03`	3 months	crt.sh
*.servenobid.com Amazon	`2020-03-12` - `2021-04-12`	a year	crt.sh
*.smartadserver.com DigiCert Global CA G2	`2020-02-03` - `2022-02-03`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.112.2o7.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2021-04-27`	2 years	crt.sh

This page contains 20 frames:

Primary Page: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Frame ID: DE56D581A5A4842AB38DE48523AF949A
Requests: 161 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Frame ID: 913B249F1A123361D9FA2BF7D23E5461
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 7C64956964EC064E8504B49B40EE069F
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 4FCA6D4D5133801B88A1B270D6E0303D
Requests: 10 HTTP requests in this frame

Frame: https://membercenter-sdk.cmg.com/sdk/hub.html
Frame ID: 4E13FC5883C183A58A1402172E56E1C1
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 76D6944C693149B68278E0DFC0C86E70
Requests: 10 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=78F2E5E5FF450969542826300625&cicmp=1337627&cijs=1&dast=V7Jr0CFgMyQhGrP164qwQyQhGrP164qwUAAAAGBugHHDecUVasFWtGI60Gy9lyNVpsRsvhZjNarqZgsIXP6e5uwx-aTofPda_X_X53rdPy9801frdf6vJ8Xm6p3-7y_IV-31vo8Hhdls9bYXm5NaeXw-y0-9xC191keZk8b73NrXaazU6_3fPW29wiv9nssHzeMsvf7dY9PEen3Wf6292qu8ttOPudb5fd9NY8P6eX2y8HAAAAgAcAopZoiB3fhvYIAAAAAAmekWsFioCKfwuBCwAAAAAMAAKxcA0AKI6Ce5lcZn8AADwUgAAADCiQAAgkFpYAONwtngAAABzUyTxts_z____HAOS9N8kAUKRt3Bj0ADz4ADwIAQAAXAzxuuPxD9X9QBEVqBYxAgAAACjBy-Y-mtQJlUXV____vxXAFQBAAF1I2thW1s1JMWsYAACAwNgCPSx-v9lh1_jdLvv_________N_s_A0ATsopiTwva4EpR4xm5Vlj7BQQAYHs3AIA3ATiYA7ADAAAAuPv____PAwAAUNmjZHutxrNHWe8z2MLndHfXb8IWo9VkslkOZ8vFZDAcDUej_QngZoATNBwOFrvBYrdYDCeLyWiwHCxQIAYTnJDhaDNZjXar3WQ5nIxGs81kgxStWs1Gm8FwNZvMdrvVcDBcjkZI0ZrFbDJZzEbL3WawnIwGw8lwiDAzWm1czt3CrdssbGvRyuFaC1eGzVo4Wg43s9nCObE43KLXx3TbjHy74WiPDrObKyaDuWSxm0smg1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
Frame ID: 30642841F847B96755CA2578F5D07F09
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 86D329E3EEB2C52B69387AFAE6018756
Requests: 8 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7uYICFgMyQhGrP164qwQyQhGrP164qwUAAAAGBvQHG0UbbWYUDoMyWe4Ww-FkNljuZpvBcDJZDmGjaKPNjMJhUCbL3WI4nKyWw8lyt5pMBqsprBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPQe1mmH5GA2SwWK3hj00nQ6f616vdVr-vrnG7_ZLXZ7Pyy31212ev9DvewsdHq_L8nkrLC-35vRymJ12n1voupssL5Pnrbe51U6z2em3e956m1vkN5sdls9bZvm73bqH5-i0-0x_u1t1d7kNZ7_z7bKb3prn5_Ry--UAAAAA8ACghLkN8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABQMC1pQEAxVFwL5PL7A8AgIcCEACAAQUSAIG_mhIAD4qlEwAAAAAAAAAAlv____8YgLzrFBmADK2gHoAHH4AHogLFIkYAAAAAJXjZ3EeTOqGyqAIAIEi3ArgCAAigC0kbCwgDAAAQGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCVlHsaUEbXClqv4AAAGu_gAAAbOoGAPAmABd0BjVaDQaD1RHQZjCZHQAAAMDd____vx4Iznyj4cy3MQ5nK5PLZpmZFs7ZxLnxzEaumXM28V5P0350Pq1Bb1-LsMx-30FBOT09ZpdBVHS9LXaH0-w5qNUMy8dokAwWu4H4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgzo9XG5dwt3LrNwrYWrRyutXBl2KyFo-VwM5stnBOLwy16fUy3zci3G462KBggtxfBRTrR-I1vrdPyd4tuF7FEc7JIJ7LLvjjzjYYz38Y4nK1MLptlZlo4ZxPnxjMbuWbO2cTfGa02Ludu4dZtFra1aOVwrYUrw2YtHC2Hm9ls4ZxYHG7R62O6bUa-3XC0b6yWw8lwuBkO943VcjgZDjfD4b5DZ_iuPmejNG2wdWxShfCsfchMB4XLYPH-JKbFtDs7-DYX5dPnUy-LOqPw1j16DQrPwaM6DY_HpfO4DEtzB0UsEZwu0onoZTxdxBLJ0yKdqDzGmW_km9mMC5fHsTLNNiabaeNwjUweh2G38EzEEqXpIp3opS7P5-WW-u0uz1_o972FDo_XZfm8FZaXW3N6OcxOu88tdN1NlpfJ89bb3Gqn2ez02z1vvc0t8pvNDsvnLbP83W7dw3N02n2mv92turvchrPf-XbZTW_N83N6uS3qPzrMbq6YDOaSxW4umQxWCQAAAAAAAABgCXPmTQAAAABOg5htZpvdcgEeEMN0f7A14ICFbOF3iU2mS1LvlsqLGz9eGL_xrXVa_m7R7cybPRPEWq2WNQAAgAA2AABAALdu3gJCITk!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 952D8A867A014911885F2F2FEB5B7F85
Requests: 1 HTTP requests in this frame

Frame: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Frame ID: 889416BE18CF7ECD20D4C4A2F5ECC799
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 23607ECCC63A542B039C251CAFD66BB4
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3fYlbBOdJjBxUFAth7RPp9ZP-BDl53PdJX-sYgJgI3z_2CwcK4uhCehZsyf8Mup7CwgoQMjodqifedkEe4zMOx1adjTxouz07qlDFvMHnjaScT4HkjytdwCzDUeaqa0cX0IJaBSWuhG2BtKf6D31-pQK9LiyoDR04wbJ2nhyttTaD_QIxbtpSUa68w5BhgSnn6vm6qKzcD65KzIZwAumof_rOg-asKo-MdHE0LzRMXYi1cddE1vNs45jBcWZNScbqnC0rEnqB7g0&sig=Cg0ArKJSzBpsZTxyOJnTEAE&urlfix=1&adurl=
Frame ID: 4DF79BF46917719204EAF7009F241C72
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: B287EC3BF18FF53D716D49BA51E2BA7F
Requests: 1 HTTP requests in this frame

Frame: https://9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Frame ID: D779DACED3FA5E07165E0B7E40761E4A
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Frame ID: EA83A689CC66C06C524EE06E18C2736F
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Frame ID: FC08ECAC88D3B3085B64E5A4BAD543A7
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Frame ID: 2AAE9FEAF6055A658C09CB2A353E469E
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 69431B6268A80B8E94E3822215656E1B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: E1BA926240D5C493EDA83E4FDE65B247
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: EAEB6E8ED194FC7BEB2D01112AFF5E86
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://bit.ly/3bToZ0L HTTP 301
https://jessejones.com/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-une... HTTP 301
http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Lightbox (JavaScript Libraries) Expand

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

217
Requests

98 %
HTTPS

45 %
IPv6

48
Domains

72
Subdomains

61
IPs

8
Countries

4144 kB
Transfer

10182 kB
Size

15
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://jessejones.com/
Title: Jesse Jones

Search URL Search Domain Scan URL

URL: https://kiro7apps.com/
Title: KIRO 7 Apps

Search URL Search Domain Scan URL

URL: https://storm.wnba.com/news/
Title: Seattle Storm

Search URL Search Domain Scan URL

URL: https://www.reignfc.com/#news
Title: Seattle Reign FC

Search URL Search Domain Scan URL

URL: https://jobs.coxenterprises.com/Businesses/Cox-Media-Group?prefilters=none&CloudSearchLocation=none
Title: Jobs with KIRO 7

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv
Title: KIRO 7 Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/13c34945-0d96-22eb-dfe4-c48013168eea/
Title: KIRO 7 FCC EEO Report

Search URL Search Domain Scan URL

URL: https://membercenter.kiro7.com/newsletters
Title: Newsletter Sign-up

Search URL Search Domain Scan URL

URL: https://jessejones.com/scammers-swoop-in-swipe-washington-unemployment-benefits/
Title: impostor fraud

Search URL Search Domain Scan URL

URL: https://www.agari.com/email-security-blog/covid-19-unemployment-fraud-cares-act/
Title: Scattered Canary

Search URL Search Domain Scan URL

URL: https://jessejones.com/victims-of-unemployment-fraud-have-assets-frozen-by-bank/
Title: Victims of unemployment fraud have assets frozen by bank

Search URL Search Domain Scan URL

URL: https://jessejones.com/impostor-fraud-continues-seattle-mans-information-used-to-apply-for-unemployment-benefits-in-three-states/
Title: Impostor fraud continues: Seattle man's information used to apply for unemployment benefits in three states

Search URL Search Domain Scan URL

URL: https://jessejones.com/at-least-55000-people-in-washington-wait-for-unemployment-decisions/
Title: At least 55,000 people in Washington wait for unemployment decisions

Search URL Search Domain Scan URL

URL: https://jessejones.com/delays-denials-as-coronavirus-fuels-demand-for-unemployment-benefits/
Title: Delays, denials as Coronavirus fuels demand for unemployment benefits

Search URL Search Domain Scan URL

URL: https://om.forgeofempires.com/foe/de/?ref=tab_de_de&&external_param=2892247689&pid=cox-kiro-tv&bid=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8232f77ecd45cf6714cd2601a96acb84.jpeg&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDJqD8#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDJqD8
Title: Forge Of Empires - Free Online Game

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://affluenttimes.com/humor/wedding-photo-fails/?utm_source=Taboola&utm_medium=CPC&utm_content=cox-kiro-tv_1017953&utm_campaign=DV4_173805_Affluent-Times_V1-40-Wedding-Photo-Fails-Youd_DE_DESKTOP_KK&utm_term=5690565&l=a
Title: Affluent Times

Search URL Search Domain Scan URL

URL: https://mackeeper.com/link/31623c86-dd44-11ea-b61d-127369ec21d1?tid_ext=1+in+2+Mac+Users+Are+Unaware+of+This+Trick+to+Clean+Their+Mac.;2921843857;1017953;GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDA_0k&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDA_0k#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDA_0k
Title: MacKeeper

Search URL Search Domain Scan URL

URL: https://diesel24.de/?utm_source=taboola&utm_medium=referral&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCN61A#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCN61A
Title: diesel24

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-a-2x1:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://bewertung.hausgold.de/lp/JaHp?lkey=DA&cid=zjHu60HXlH&utm_source=taboola&utm_medium=display&utm_campaign=Q1desk03&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDlm0A#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDlm0A
Title: Hausgold

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/clk/468337158;273958360;x?utm_source=taboola&utm_medium=referral&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCY_Eg#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCY_Eg
Title: eToroAdvertisement

Search URL Search Domain Scan URL

URL: https://www.conflictnations.com/index.php?id=322&lp=108&lpv=1&c=10314&r=18772&placement=cox-kiro-tv_1017953&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCg3ko#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCg3ko
Title: Conflict Of Nations : World War III

Search URL Search Domain Scan URL

URL: https://www.deutsche-treppenlift-beratung.de/angebote/?utm_medium=dis_pn&utm_source=taboola&utm_campaign=treppenlift-taboola-desktop-251119%7C441-dis_pn-de-71&utm_content=20200430_weiss3_keinscherz&plmt=cox-kiro-tv&utm_term=1017953&prid=441&click_id=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDM_kg&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDM_kg#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDM_kg
Title: Deutsche Treppenlift Beratung

Search URL Search Domain Scan URL

URL: https://marketing.net.brillen.de/ts/i4861472/tsc?typ=r&amc=dis.brillende.44231.353452.CRTAYVipmWv&smc1=cid=5402539_aid=2913059774&smc5=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDhwD8&tst=!!TIMESTAMP!!&utm_source=taboola&utm_medium=referral&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDhwD8#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDhwD8
Title: Brillen.de

Search URL Search Domain Scan URL

URL: https://www.gutes-hoeren.de/unsichtbares-horgerat/?utm_campaign=an-2_andy-btitanium-taboola-display_Desktop&utm_content=2906463271&utm_source=taboola&utm_medium=display&utm_term=cox-kiro-tv&utm_title=H%C3%B6rger%C3%A4te+2020%3A+Ex-McDonald%27s+Chef+wird+alles+ver%C3%A4ndern&_ad_placement=cox-kiro-tv&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCq30w#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSCq30w
Title: Gutes-Hoeren.de

Search URL Search Domain Scan URL

URL: https://www.aroundhome.de/immobilienverkauf/bewertung/?utm_content=20200522_verkehrswert_noheadline_rechner&prid=566&plmt=cox-kiro-tv&utm_term=1017953&click_id=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDbmz8&meco=de&utm_medium=dis_pn&utm_source=taboola&utm_campaign=immobilienverkauf-taboola-desktop-ph-100919%7C566-dis_pn-de-5&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDbmz8#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDbmz8
Title: Hausverkauf

Search URL Search Domain Scan URL

URL: https://planbarfinanz-kredite.de/?utm_source=cox-kiro-tv&utm_medium=Taboola&utm_campaign=Credit+1+Desktop&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDRglA#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDRglA
Title: Planbar Finanz

Search URL Search Domain Scan URL

URL: https://aktion.faz.net/sommeraktion/?r=nat&campID=PDIS_NTVAds_FAZ-FAS-FAP_PRT-DGT_ABO_MO-SO_MIN_4-WO_NO_sommer_IP20259&utm_source=taboola&utm_medium=paiddisplay&utm_campaign=FAZ-FAS-FAP_PAY_PDIS_NTVAds_MIN_sommer_PRT-DGT_MO-SO_IP20259&utm_term=pnative&tblci=GiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDrvUU#tblciGiDXFF6ozZkRCRtmL4L0j-rYsPvr5BDrSLNBHnrB2WaLpSDrvUU
Title: Frankfurter Allgemeine Zeitung

Search URL Search Domain Scan URL

URL: https://www.coxmediagroup.com/
Title: Cox Media Group

Search URL Search Domain Scan URL

URL: https://cmg.jobs.net/
Title: Cox Media Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://bit.ly/3bToZ0L HTTP 301
https://jessejones.com/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ HTTP 301
http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 8

https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324 HTTP 302
https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324&xl8blockcheck=1

Request Chain 9

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1086240315&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ul=en-us&de=UTF-8&dt=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1562894852&gjid=933102676&cid=1282769257.1598288387&tid=UA-69447481-1&_gid=290297511.1598288387&_r=1&gtm=2wg8c0WJW4B46&cd1=tv&cd2=kiro-tv&cd3=wa%3A%20seattle&cd4=core&cd5=news&cd6=responsive%20site&cd7=kiro7.com&cd8=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd9=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&cd10=news&cd11=jesse%20jones&cd12=&cd14=article&cd15=WXYQ2IBHV45AXZSL3LOLK4ZUQM&cd17=202005211745&cd18=20200730918&cd19=&cd20=&cd22=standalone%20page&cd26=arc&cd27=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd29=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&cd48=www.kiro7.com&cd149=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&z=1905962184 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_gid=290297511.1598288387&gjid=933102676&_v=j83&z=1905962184 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184&slf_rd=1&random=2928601782

Request Chain 38

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=AvJDX_OSNOHP7_UPzIy3-A8&sscte=1&crd=&eitems=ChEI8MqN-gUQsJ6t6q-u28L4ARIdAAJlXKXZ_fFd6grkGSw7As3Xv3wR3P0jPxfcNvQ HTTP 302
https://www.google.com/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=AvJDX_OSNOHP7_UPzIy3-A8&cid=CAQSKQCNIrLM8yEMmqeoRhgp4d2JqnBPqJAmjwdYDpvN0GRVaYkzAdkJdQ2f&eitems=ChEI8MqN-gUQsJ6t6q-u28L4ARIdAAJlXKU9FK2P1sxiWH2KhjakV6aBO9kznyh4n5c&random=1499325765&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=AvJDX_OSNOHP7_UPzIy3-A8&cid=CAQSKQCNIrLM8yEMmqeoRhgp4d2JqnBPqJAmjwdYDpvN0GRVaYkzAdkJdQ2f&eitems=ChEI8MqN-gUQsJ6t6q-u28L4ARIdAAJlXKU9FK2P1sxiWH2KhjakV6aBO9kznyh4n5c&random=1499325765&resp=GooglemKTybQhCsO&ipr=y

Request Chain 72

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 124

https://d.adtriba.com/collect?atb_ptid=4c06a8fa&atb_dpuid=taboola&atb_dcaid=taboola HTTP 302
https://d.adtriba.com/px.gif

Request Chain 199

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1 HTTP 302
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

Request Chain 212

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

Request Chain 213

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

Request Chain 214

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1 HTTP 302
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

217 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Redirect Chain

https://bit.ly/3bToZ0L
https://jessejones.com/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

106 KB
21 KB

636ms
619ms

Document
text/html

2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

a945737268aa114127b3b316c9a909a6dcdc26a1a0173971078247357df0f81c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.kiro7.com
:scheme: https
:path: /jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=UTF-8
server: openresty
pb-rid: rF4EmW1Kh2SsUr
pb-pid: kiro-article
arc-version: __default__
x-akamai-transformed: 9 101432 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60
expires: Mon, 24 Aug 2020 17:00:46 GMT
date: Mon, 24 Aug 2020 16:59:46 GMT
content-length: 20452
set-cookie: AKA_A2=A; expires=Mon, 24-Aug-2020 17:59:46 GMT; path=/; domain=kiro7.com; secure; HttpOnly
server-timing: cdn-cache; desc=REVALIDATE edge; dur=37 origin; dur=542
link: <https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://www.googletagmanager.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://widgets.media.weather.com>;rel="preconnect",<https://connect.facebook.net>;rel="preconnect",<https://widgets.outbrain.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect",<https://membercenter-sdk.cmg.com>;rel="preconnect",<https://www.lightboxcdn.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Cache-Control: max-age=0
Expires: Mon, 24 Aug 2020 16:59:45 GMT
Date: Mon, 24 Aug 2020 16:59:45 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT edge; dur=1
Content-Security-Policy: upgrade-insecure-requests

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 9ms
8ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Origin: https://www.kiro7.com
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 15 KB
15 KB 15ms
14ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

Origin: https://www.kiro7.com
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
last-modified: Mon, 23 Jul 2018 17:07:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: "8d9ab84bfe87a3f77112a6698cf639fb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14888

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 17ms
17ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Origin: https://www.kiro7.com
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
status: 200
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 179 KB
52 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ba75fc06ae25752835a529a4934903d0ed6e8d8cc2eee706948cc41fdae3544

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53237
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 24 Aug 2020 16:59:46 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 1565
date: Mon, 24 Aug 2020 16:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 24 Aug 2020 18:33:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 134 KB
34 KB 6ms
5ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 34269
x-xss-protection: 0
pragma: public
x-fb-debug: BIOpEw4h5hRljwsxFHDOjVim3daG5Hk1eOA0IAdKkRkezmwq45gr+oYQcpbsS5GgVkc0dyzZ6PAL+Yt4Y9o6dQ==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 17ms
17ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

cafe /

Resource Hash

d792ed2286a3f10ce01ed2c144ef1db80a8273d049b111589539c435ce908f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11318
x-xss-protection: 0
server: cafe
etag: 16467492975000070780
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 24 Aug 2020 16:59:46 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unempl...
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemp...

0
528 B

8ms
8ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1598288386702&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:46 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadus.exelator.com/load/
Redirect Chain

https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324
https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324&xl8blockcheck=1

0
751 B

40ms
40ms

Image
text/plain

136.144.49.28
PACKET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324&xl8blockcheck=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.144.49.28 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 204
date: Mon, 24 Aug 2020 16:59:46 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 24 Aug 2020 16:59:46 GMT
server: nginx
x-powered-by: Undertow/1
status: 302
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadus.exelator.com/load/?p=1173&g=14&plcid=kiro7&adid=cmg&j=0&gtmcb=1362750324&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1086240315&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_gid=290297511.1598288387&gjid=933102676&_v=j83&z=1905962184
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184&slf_rd=1&random=2928601782

42 B
106 B

18ms
18ms

Image
image/gif

2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184&slf_rd=1&random=2928601782

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:46 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=1282769257.1598288387&jid=1562894852&_v=j83&z=1905962184&slf_rd=1&random=2928601782
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 43 KB
11 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.23

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 10760
x-xss-protection: 0
pragma: public
x-fb-debug: zo8T3Mbpa0Wm3XOMplzIXC8zpQjDZTCIAudacruoim+H80VqSpve2jwUfL6Dcf+r3uUjQ1hKp+N2fXjDO22bvA==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 281660582191764 Show response
connect.facebook.net/signals/config/ 524 KB
133 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/281660582191764?v=2.9.23&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dd3955c5f5343ed3b51b2db244969a5037d330969e299ca89bf7b7172757a0dc

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 135197
x-xss-protection: 0
pragma: public
x-fb-debug: 6SsaYcF/UYe1p9aLpreKEwGb+65IsnyUN2y4olw6GlJ3EemIqjNnqZYZ6nUybHfjb1rBw18oUb+0V32U22MVbw==
x-fb-trip-id: 1460883810
x-frame-options: DENY
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/ 2 KB
1 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1598288386739&cv=9&fst=1598288386739&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c7bcf3c837d4f84348047ce8844b6a7fab37d45614d267fc78f92196b40c8ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1104
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 / Show response
www.googleadservices.com/pagead/conversion/767680447/ 2 KB
1 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/767680447/?random=1598288386742&cv=9&fst=1598288386742&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

791a94444efa59632aefb03a83c3c89e281f072dcbeca289ec3375e666cc8642

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1269
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
257 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281660582191764&ev=PageView&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&rl=&if=false&ts=1598288386864&sw=1600&sh=1200&v=2.9.23&r=stable&ec=0&o=30&fbp=fb.1.1598288386863.1582223693&it=1598288386734&coo=false&tm=1&rqm=GET

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 24 Aug 2020 16:59:46 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 19ms
18ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Origin: https://www.kiro7.com
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:46 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 18ms
13ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 24 Aug 2020 16:49:50 GMT
server: ESF
date: Mon, 24 Aug 2020 16:59:46 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 24 Aug 2020 16:59:46 GMT

GET
H2 200 cmg-framework0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 32 KB
7 KB 3ms
0ms Stylesheet
text/css 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-framework0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ba32167271cdd7a75ece23cd323645dd"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-amz-request-id: 5C3501B0CD26E848
x-amz-id-2: 38HvG7j6AgXDNUo/CD2ZWzzDTc43I+oNaqScHCSNux4sPkmwUGISZ1y0xVGWIVTsbDX4yk9KYls=
accept-ranges: bytes
x-akamai-http2-push: 1
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:40:57 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
x-amz-version-id: yzHmsAdpfv1z1xUKz7cgSpcHGs12qbfs
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6086
content-type: text/css; charset=utf-8
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H2 200 cmg-features0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 35 KB
5 KB 4ms
0ms Stylesheet
text/css 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-features0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "5503d7fbb19c29fb8994d8644b693d60"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-amz-request-id: CD8CCDD19D4F31D8
x-amz-id-2: 8hNYt/ruaQrw+mfdPS4gbOQEf239gbj4EBbiQeddprfmKlFzU1eR61nCyffShlz+3/DOrO72ET0=
accept-ranges: bytes
x-akamai-http2-push: 1
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:25:40 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
x-amz-version-id: msjWCi19VtaJKIQbimxUXkEWXHx5XOOX
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4698
content-type: text/css; charset=utf-8
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H2 200 cmg-services0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 0
500 B 4ms
0ms Stylesheet
text/css 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-services0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 1B47F7E9822862F7
status: 200
date: Mon, 24 Aug 2020 16:59:46 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=139
content-length: 0
x-amz-id-2: cm4i14SME3OC+/oABgox5lZVVry0ercLAzF8ME/KsHqLoft2pmcd18zTpHIMdDE2hnNjI1D6kxY=
x-akamai-http2-push: 1
arc-version: 95
last-modified: Fri, 17 Jul 2020 21:11:52 GMT
server: openresty
x-edgeconnect-cache-status: 1
x-amz-version-id: iCE1gr9HaYWV49S6h2B.YhExj.D1.Wc1
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: text/css; charset=utf-8
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H2 200 main.min.js Show response
membercenter-sdk.cmg.com/sdk/ 450 KB
125 KB 44ms
9ms Script
application/javascript 2600:9000:214f:dc00:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:dc00:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45e81b26da1dc26926ec6b6cc23969a62efbe2d878ac61d17ce37a0aa3b68199

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:42 GMT
content-encoding: gzip
last-modified: Thu, 20 Aug 2020 19:17:51 GMT
server: AmazonS3
age: 5
etag: W/"3e12b3c119897000a7b237479049f7a6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: K-a8w6RnMbuh16bIkNTpHBcbdwZGpE_-8oVMztaSlbifyaNxWSYE2w==
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)

GET
H2 200 js-cookie-2.2.1.min.js Show response
www.kiro7.com/pb/resources/scripts/ 2 KB
1 KB 0ms
0ms Script
application/javascript 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/js-cookie-2.2.1.min.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "bdb32"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 965
x-akamai-http2-push: 1
arc-version: __default__
last-modified: Thu, 09 Jul 2020 17:25:11 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
x-edgeconnect-cache-status: 1
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H2 200 prebid2.41.0.js Show response
www.kiro7.com/pb/resources/scripts/ 170 KB
47 KB 13ms
13ms Script
application/javascript 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ea0ae"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 47271
arc-version: __default__
last-modified: Wed, 08 Jul 2020 22:39:49 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 104 KB
27 KB 66ms
32ms Script
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:55:30 GMT
content-encoding: gzip
server: Server
age: 255
etag: 455f576a29240d2cfe83996aefcdb576
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 3zu7O1MauSr0YxCkowBZ8ZOZ8G46YlndI4abZXF20evikfYojj6Sdw==
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)

GET
H2 200 84612eb819.js Show response
www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/ 13 KB
4 KB 18ms
17ms Script
application/javascript 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "d8dc7"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 3907
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:43:38 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:46 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 24 Aug 2021 16:59:46 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 330 KB
96 KB 868ms
24ms Script
application/x-javascript 104.111.215.236
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.236 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-236.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 2db3814455c16db3eb80d6005bb8556c47dfe6ba3e78c05285344b31ad483715

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:47 GMT
Content-Encoding: gzip
x-amz-request-id: 703B594D5C253FC7
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: u73JZWx7k6ZXaKcRdVWWXMlJJAS5btJVbyqNVz554VbYYSJt9glcxAm/kgRaozQ+4OKftRmgAOU=
Last-Modified: Thu, 20 Aug 2020 23:52:35 GMT
Server: AmazonS3
ETag: "1f28269de735d81d86f79c388376c494"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 DF7LUBGFVANPTYKOOV6SRGBSCM.jpg
www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 44 KB
45 KB 251ms
250ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/DF7LUBGFVANPTYKOOV6SRGBSCM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "c13db246989ffae6ef261bf8f6001a7bcb14283f"
x-serial: 1566
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=29726965
last-modified: Mon, 03 Aug 2020 18:29:35 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=-377, origin; dur=408
content-length: 45156
expires: Tue, 03 Aug 2021 18:29:12 GMT

GET
H/2+Q/46 200 /
www.google.com/pagead/1p-user-list/767680447/ 42 B
517 B 41ms
26ms Image
image/gif 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767680447/?random=1598288386739&cv=9&fst=1598284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=1913473065&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 /
www.google.de/pagead/1p-user-list/767680447/ 42 B
517 B 41ms
27ms Image
image/gif 2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/767680447/?random=1598288386739&cv=9&fst=1598284800000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=1913473065&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 R6KAM3ZKJNG63DURMMIFGTQ4GM.jpg
www.kiro7.com/resizer/GOr0IvMW80iJ46CVvhyvrLNNeQk=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 690 B
1 KB 18ms
18ms Image
image/jpeg 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/GOr0IvMW80iJ46CVvhyvrLNNeQk=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/R6KAM3ZKJNG63DURMMIFGTQ4GM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

c4e760e50c2ab24182ea513a84dc3109b272258a59e77d57cf8c58a7357135f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "cd7731fa7a98554a7d9044e35e53ab8f0cac8a5b"
content-type: image/jpeg
status: 200
cache-control: private, max-age=274
date: Mon, 24 Aug 2020 16:59:47 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-akamai-note: original-image
content-length: 690
expires: Mon, 24 Aug 2020 17:04:21 GMT

GET
H2 200 t_415407f47ef94c6d851fb5b5b0c80e13_name_Trump_officially_nominated_as_2020_Repub_5f43e9bb71c30002b05d057c_1_Aug_24_2020_16_31_32_poster.jpg
www.kiro7.com/resizer/WK6KA3mTbLtZdEniMBcm468QtqI=/0x10/d1hfln2sfez66z.cloudfront.net/08-24-2020/ 256 B
549 B 24ms
23ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/WK6KA3mTbLtZdEniMBcm468QtqI=/0x10/d1hfln2sfez66z.cloudfront.net/08-24-2020/t_415407f47ef94c6d851fb5b5b0c80e13_name_Trump_officially_nominated_as_2020_Repub_5f43e9bb71c30002b05d057c_1_Aug_24_2020_16_31_32_poster.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ed8ff8062e72066d31b25a7d98374b2190e8385b1985ff2980f6b16040e5415b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
last-modified: Mon, 24 Aug 2020 16:40:38 GMT
server: Akamai Image Manager
etag: "40b5a01fae66d8031d3d32deaf577191f222905b"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31534924
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 256
expires: Tue, 24 Aug 2021 16:41:51 GMT

GET
H2 200 t_77f6c5172a2e4a3fb2d1672ccafcd4ff_name_378C57E2B3344A7CB6D8A88431919438
www.kiro7.com/resizer/ZacL8UupjmGbAUlJrR7hTkuvtKc=/0x10/d1hfln2sfez66z.cloudfront.net/11-26-2019/ 240 B
532 B 53ms
53ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/ZacL8UupjmGbAUlJrR7hTkuvtKc=/0x10/d1hfln2sfez66z.cloudfront.net/11-26-2019/t_77f6c5172a2e4a3fb2d1672ccafcd4ff_name_378C57E2B3344A7CB6D8A88431919438

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

97701eecf042d6a5ad60ec7a5004d785e9216013d2ac8b04a668f330e6a1868f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
last-modified: Mon, 24 Aug 2020 16:20:10 GMT
server: Akamai Image Manager
etag: "31e91b34ab167ecb577893a9ac3c4e747d788d72"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31533547
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=36
content-length: 240
expires: Tue, 24 Aug 2021 16:18:54 GMT

GET
H2 200 t_2584492fb269423bb85de0194674e9ca_name_20yearold_woman_declared_dead_found_brea_5f43e193836f805692004be0_1_Aug_24_2020_15_57_14_poster.jpg
www.kiro7.com/resizer/7ZStyh_FepfsNfcrQYTEpAj5TL8=/0x10/d1hfln2sfez66z.cloudfront.net/08-24-2020/ 298 B
591 B 222ms
222ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/7ZStyh_FepfsNfcrQYTEpAj5TL8=/0x10/d1hfln2sfez66z.cloudfront.net/08-24-2020/t_2584492fb269423bb85de0194674e9ca_name_20yearold_woman_declared_dead_found_brea_5f43e193836f805692004be0_1_Aug_24_2020_15_57_14_poster.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

462af7e56316cbd54775a56daafc59a06cdfd6f8a04d08e70d33e979b629c240

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
last-modified: Mon, 24 Aug 2020 16:05:24 GMT
server: Akamai Image Manager
etag: "f2d4290258e7ba342a4e33a40c4367d2977652b4"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31532724
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 298
expires: Tue, 24 Aug 2021 16:05:11 GMT

GET
H2 200 JGZUPWHHG5GYLKYTXNJLYR4YWA.jpg
www.kiro7.com/resizer/TCoaiccItcvZULGP6P6MeTgyooU=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 192 B
514 B 67ms
67ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/TCoaiccItcvZULGP6P6MeTgyooU=/0x10/cloudfront-us-east-1.images.arcpublishing.com/cmg/JGZUPWHHG5GYLKYTXNJLYR4YWA.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8dab40e5d7a7021a46003d249a36d44dfe99576391181d7f7148266e5e09924e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "e5e6eac8b086ae325722fe6e8b272b8ff245763f"
x-serial: 1794
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31526986
last-modified: Mon, 24 Aug 2020 14:30:02 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 192
expires: Tue, 24 Aug 2021 14:29:33 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 143 KB
48 KB 30ms
10ms Script
application/x-javascript 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8a9e9f5b2fc3abd86179fc8bbfd5704d1c26759c442fb2f24b1be1386ecbc565

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
content-encoding: gzip
last-modified: Sun, 23 Aug 2020 13:57:19 GMT
status: 200
etag: W/"23b5b-CJYRVZxXncZdXm6wiQ0po1Lg4e8"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 48682
expires: Mon, 24 Aug 2020 20:59:47 GMT

GET
H2 200 wxwidget.loader.js Show response
widgets.media.weather.com/ 480 KB
115 KB 81ms
29ms Script
text/javascript 2a02:26f0:6c00:2be::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2be::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
etag: W/"781b9-UhHZMltauYQzxZEqvWoggWokm/c"
server: nginx/1.16.1
status: 200
x-powered-by: Express
x-cache-status: EXPIRED
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=41063
date: Mon, 24 Aug 2020 16:59:47 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 116774
expires: Tue, 25 Aug 2020 04:24:10 GMT

GET
H2 200 render.js Show response
www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/ 5 KB
1 KB 29ms
25ms Script
application/javascript 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/render.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "3523a"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=13
content-length: 1048
arc-version: 95
last-modified: Wed, 22 Jul 2020 17:04:29 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:47 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 24 Aug 2021 16:59:47 GMT

GET
H2 200 cmg-index0b08a005255398cce0d2.js Show response
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 379 KB
77 KB 29ms
26ms Script
application/javascript 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "26525"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=10
content-length: 78502
arc-version: __default__
last-modified: Tue, 21 Jul 2020 20:23:44 GMT
server: Akamai Resource Optimizer
date: Mon, 24 Aug 2020 16:59:47 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 24 Aug 2021 16:59:47 GMT

GET
H/2+Q/46

200

/
www.google.de/pagead/1p-conversion/767680447/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_a...
https://www.google.com/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd...
https://www.google.de/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...

42 B
88 B

30ms
27ms

Image
image/gif

2a00:1450:4001:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=AvJDX_OSNOHP7_UPzIy3-A8&cid=CAQSKQCNIrLM8yEMmqeoRhgp4d2JqnBPqJAmjwdYDpvN0GRVaYkzAdkJdQ2f&eitems=ChEI8MqN-gUQsJ6t6q-u28L4ARIdAAJlXKU9FK2P1sxiWH2KhjakV6aBO9kznyh4n5c&random=1499325765&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/767680447/?random=1701449904&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8c0&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=AvJDX_OSNOHP7_UPzIy3-A8&cid=CAQSKQCNIrLM8yEMmqeoRhgp4d2JqnBPqJAmjwdYDpvN0GRVaYkzAdkJdQ2f&eitems=ChEI8MqN-gUQsJ6t6q-u28L4ARIdAAJlXKU9FK2P1sxiWH2KhjakV6aBO9kznyh4n5c&random=1499325765&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 52ms
21ms XHR
application/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 10:58:30 GMT
content-encoding: gzip
vary: Origin
age: 21678
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Thu, 20 Aug 2020 07:51:21 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 9ed795ea7207c9add01c8c2ab17d8299.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: h3rnJQcUr6LRSbutJ5vubYYDpkc6vNTTVoqZuimiZLfiGt4BN80g3A==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 54 KB
18 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c90ee39dae67c3684cbfe221f5d7b05a03ceadc644c4aa573a7ba7bb2db7afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "611 / 378 of 1000 / last-modified: 1598281714"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18623
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:47 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
97 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary9UISAJKOyCxC3Eai

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 24 Aug 2020 16:59:47 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 481ms
273ms Script
text/javascript 52.86.141.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.141.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-141-129.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ae0ee06176b5265bc848bdd9ded63db88d1de98b78ed392c4eae2ebfd7ba68ea

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 647
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/cox-network/ 513 KB
57 KB 30ms
10ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0dbaff061afa7cca97c6790c3d6efe09a380c5c60a9e9da759c998b58225c93d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: F6OdJ8EJTbARBCHor0oGZL66wCPHYlAM
content-encoding: gzip
etag: "43d65954628a709eda398e6a7af8798f"
age: 10426
x-cache: HIT
status: 200
content-length: 57533
x-amz-id-2: UP+LbS28SynGAp5AkNsODJIjcTEcUrekRhiHj0TG6ES6N0x0Ps8wXvHH4lS5sL/KnLD5TFlOK5s=
x-served-by: cache-fra19130-FRA
last-modified: Mon, 24 Aug 2020 14:04:41 GMT
server: AmazonS3
x-timer: S1598288388.925371,VS0,VE1
date: Mon, 24 Aug 2020 16:59:47 GMT
vary: Accept-Encoding
x-amz-request-id: 1EB52D0586170C75
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 89
x-cache-hits: 1

GET
H2 200 2ARQK-4FEY5-2C44D-9TAQS-ZHZL7 Show response
s.go-mpulse.net/boomerang/ Frame 913B 202 KB
51 KB 35ms
20ms Script
application/javascript 2a02:26f0:6c00:298::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:298::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
content-encoding: br
last-modified: Mon, 10 Aug 2020 13:57:23 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 kiro-logo.png
www.kiro7.com/pb/resources/images/cmg_icons/ 4 KB
4 KB 27ms
25ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:47 GMT
last-modified: Tue, 21 Jul 2020 20:12:30 GMT
server: Akamai Image Manager
etag: "6dffb9465cdfff128f115becd11a3113"
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=28609973
x-edgeconnect-cache-status: 1
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 4100
expires: Wed, 21 Jul 2021 20:12:40 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kiro7.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 21347
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kiro7.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:00 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 21347
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:81b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kiro7.com
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 11:04:05 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 21342
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Tue, 24 Aug 2021 11:04:05 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 35ms
10ms Script
application/x-javascript 2600:9000:2182:7200:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:7200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 15:21:52 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 00:58:19 GMT
server: nginx
age: 5876
etag: W/"5ea239ab-11347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: AMjZQcZ2ssplF0Po_1F4gSgh9qZl1K8zv_0opc_b9wOQEab5xm0RJg==
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
expires: Mon, 24 Aug 2020 17:21:52 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 34ms
10ms Script
application/x-javascript 2600:9000:2182:7200:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:7200:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 15:02:39 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 7029
etag: W/"5d53676c-4a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: sgIwWpurLzNvCggfxfKsAPITUuqacuir8B08pYkCaPeBX84nPEoenQ==
via: 1.1 3c2fca5c3988bc152e874a83fac74f4a.cloudfront.net (CloudFront)
expires: Mon, 24 Aug 2020 17:02:39 GMT

GET
H2 200 lightbox_cox.js Show response
www.lightboxcdn.com/static/ 2 KB
1 KB 39ms
18ms Script
application/x-javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 85fe24e2163fae2bd19d88423d1beede8684e23a9180c575290be20e5ae4a3ec

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: zJsa6h2SAYrrudS+6bETag==
age: 508860
cf-polished: origSize=1881
x-ms-meta-cbmodifiedtime: Tue, 18 Aug 2020 19:35:25 GMT
status: 200
last-modified: Tue, 18 Aug 2020 19:38:29 GMT
cf-request-id: 04c30277a00000074289287200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
x-ms-request-id: 1028a91a-201e-0075-1697-75d27a000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5c7ea03908460742-FRA
expires: Tue, 24 Aug 2021 16:59:48 GMT

GET
H2 200 dm.js Show response
tag.durationmedia.net/sites/10560/ 1 KB
997 B 409ms
374ms Script
application/javascript 2600:9000:2182:5400:10:ce97:9fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.durationmedia.net/sites/10560/dm.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:5400:10:ce97:9fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ba72d1da694b90b069bb47b174e1f58af73c7de3ed6ebe680910170b3ad5f5b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-meta-cache-control: public,max-age=3600
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 03:44:09 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: "2621b8f958fcbb742d73eeea81b6cfbb"
x-cache: RefreshHit from cloudfront
x-amz-version-id: i6QuWsXE.gYPnhasa7OU7tkIlTn_g1Kf
status: 200
date: Mon, 24 Aug 2020 16:59:49 GMT
accept-ranges: bytes
content-type: application/javascript
content-length: 577
via: 1.1 d0be2eec997f966c9c7eb03ae2f75c30.cloudfront.net (CloudFront)
x-amz-cf-id: OlVIDXaFk_ldx1ri1BkjgCLneIW35Og9l0Sb86lowaBiJOQ8F6n6ng==

GET
H2 200 pubads_impl_2020081901.js Show response
securepubads.g.doubleclick.net/gpt/ 258 KB
91 KB 68ms
43ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8210024f80e448628a3d3a0ad3e739512711dc9d61d10301b1b19da61ee83cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 08:40:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92737
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H2 200 load.js Show response
widget.perfectmarket.com/cox-network/ 4 KB
2 KB 36ms
7ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IZ8OTIoenzcg.cleqFwBPbWlbDW1hgyb
content-encoding: gzip
etag: "8e2dc1f5b2d46f4b95f576b6989d0a3a"
age: 136
x-cache: HIT, HIT
status: 200
content-length: 1384
x-amz-id-2: tBOqaz9ZM5gkNQ/XBZU6obZTARpop3dSwQLYwq3B+srZbm8RORa2Clrb4S1Vs4EGUBJoizTEf4Y=
x-served-by: cache-lax8650-LAX, cache-hhn4047-HHN
last-modified: Wed, 18 Mar 2020 08:48:23 GMT
server: AmazonS3
x-timer: S1598288388.074427,VS0,VE1
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding,,
x-amz-request-id: A654CBBEBD2FFA49
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20200824-16-RELEASE.js Show response
cdn.taboola.com/libtrc/ 438 KB
124 KB 9ms
8ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e73ea9aeccf4f8d78089a40b414c75ed6a680a14568218ac4c679503461e306b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: P25kfF7Gl_AEA44wfjB0k0HSjn_aDZqb
content-encoding: gzip
etag: "c9a6e8196f673623c5bcfaeae4bafb54"
age: 11729
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 126219
x-amz-id-2: lJNvwjmv7rNlaXRm1CQyJwb43CWUe4YXi3xmAZ8osUAGN2QLW58iKq+I/v4z0NCUT4aqdjjLXYo=
x-served-by: cache-fra19130-FRA
last-modified: Mon, 24 Aug 2020 13:42:35 GMT
server: AmazonS3
x-timer: S1598288388.047343,VS0,VE0
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding
x-amz-request-id: F5C1C16F237A0D23
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 25
x-cache-hits: 99021

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 9ms
8ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 25 Aug 2020 16:59:48 GMT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7C64 0
0 12ms
11ms Document
text/html 104.111.216.19
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.216.19 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-216-19.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1598191628.814074"
last-modified: Sun, 23 Aug 2020 13:56:36 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Mon, 24 Aug 2020 16:59:48 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1598288388~rv=25~id=68e1d1647122dbaac84fc00ffb6a2aa8; path=/; Expires=Mon, 24 Aug 2020 16:59:48 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3Lmtpcm83LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
418 B 47ms
14ms XHR
application/json 92.122.252.200
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmtpcm83LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 92.122.252.200 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a92-122-252-200.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:48 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=8409
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Mon, 24 Aug 2020 19:19:57 GMT

OPTIONS
H2 200 /
member-center-api.cmg.com/api/v1/configs/ Frame 0
0 178ms
110ms Other
application/json 2600:9000:2182:7800:16:b34:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://member-center-api.cmg.com/api/v1/configs/?station=kiro-tv
Protocol: H2
Server: 2600:9000:2182:7800:16:b34:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-api-key
Origin: https://www.kiro7.com
Sec-Fetch-Mode: cors

Response headers

status: 200
content-type: application/json
content-length: 1
date: Mon, 24 Aug 2020 16:59:48 GMT
x-amzn-requestid: b03bc962-7521-497f-bbde-79e4ae88d763
access-control-allow-origin: https://www.kiro7.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: RyLArEWxIAMFeig=
access-control-allow-methods: OPTIONS,GET
via: 1.1 498cdb7d5db845f8fbb098d88d764204.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1 DUS51-C1
x-cache: Miss from cloudfront
x-amz-cf-id: giCFUKXam01mX3X617bTsRdwN7vYy_s9kLqQ0R-Yo6uw8pb1BOa9sQ==

GET
H2 200 / Show response
member-center-api.cmg.com/api/v1/configs/ 71 KB
11 KB 358ms
357ms Fetch
application/json 2600:9000:2182:7800:16:b34:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://member-center-api.cmg.com/api/v1/configs/?station=kiro-tv
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2182:7800:16:b34:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 42b955255ccece0d430ebf7cf813186ece8c1d3b0acf759c0c4532faf1bffc74

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: Ac36ZEKNDB4pjb2SXGbsI8X2LuWyyJz347mAWfJk

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 414a05dee9c365a2a2079013f9d53671.cloudfront.net (CloudFront), 1.1 a67be963c7536322e9a591e428e62d28.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1, DUS51-C1
status: 200
x-amzn-requestid: ab79f5b9-8331-4b11-819d-876d1f80d3c2
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-5f43f204-309b42202f63adbc064cd37e;Sampled=0
x-cache: Miss from cloudfront
content-encoding: gzip
x-amz-apigw-id: RyLAsEaDoAMFvEA=
x-amz-cf-id: GtogVuqkXVJqVnT2Uu_PA8RFQDDGzca6h_uxfl9ybnenceZCtkViyg==

GET
H2 200 / Show response
www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/ 5 KB
2 KB 100ms
97ms XHR
application/json 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

d745ff3dd96d9c204c9c783d0ea32c1b9952230731651ee128e9ea70d25fbda6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
server: openresty
etag: W/"1493-bZwwzlUS4Z53ZvVOe4+7ke1HlsY"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=60
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=60
content-length: 1543
expires: Mon, 24 Aug 2020 17:00:48 GMT

GET
H2 404 / Show response
www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/ 9 B
254 B 99ms
97ms XHR
text/plain 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
server: openresty
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
content-type: text/plain; charset=utf-8
status: 404
cache-control: max-age=66
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=51
content-length: 9
expires: Mon, 24 Aug 2020 17:00:54 GMT

GET
H2 404 feature Show response
www.kiro7.com/pb/api/v2/render/ 71 B
338 B 403ms
401ms XHR
application/json 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/api/v2/render/feature?name=weather-alerts-bar&uri=%2Fkiro-weather-alerts%2F&_website=kiro&contentConfig=%7B%7D&customFields=%7B%7D&wrapper=true

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
arc-version: __default__
server: openresty
status: 404
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=220
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=46, origin; dur=311
content-length: 71
expires: Mon, 24 Aug 2020 17:03:28 GMT

GET
H2 200 R6KAM3ZKJNG63DURMMIFGTQ4GM.jpg
www.kiro7.com/resizer/tbbYvsDT27QWYDn3gVT_5xuMjwI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 132 KB
133 KB 184ms
182ms Image
image/jpeg 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/tbbYvsDT27QWYDn3gVT_5xuMjwI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/R6KAM3ZKJNG63DURMMIFGTQ4GM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

2b16ddc2b34d6afd82d3b7632b4d124024bb0865a09f52d9cb5308fc85137b58

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "ca833c4f2d5c26de3037bc348c37e75122e63e34"
content-type: image/jpeg
status: 200
cache-control: private, max-age=900
date: Mon, 24 Aug 2020 16:59:48 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=-1624, origin; dur=1731
x-akamai-note: original-image
content-length: 135344
expires: Mon, 24 Aug 2020 17:14:48 GMT

GET
H2 200 t_415407f47ef94c6d851fb5b5b0c80e13_name_Trump_officially_nominated_as_2020_Repub_5f43e9bb71c30002b05d057c_1_Aug_24_2020_16_31_32_poster.jpg
www.kiro7.com/resizer/f64RMrO5NWE_-GBEma93v3BzR0c=/1200x675/d1hfln2sfez66z.cloudfront.net/08-24-2020/ 78 KB
78 KB 235ms
234ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/f64RMrO5NWE_-GBEma93v3BzR0c=/1200x675/d1hfln2sfez66z.cloudfront.net/08-24-2020/t_415407f47ef94c6d851fb5b5b0c80e13_name_Trump_officially_nominated_as_2020_Repub_5f43e9bb71c30002b05d057c_1_Aug_24_2020_16_31_32_poster.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

ceb5ad2b6d901a1fbb2617be579cfeac6b5cc286fef8bba63d348fab9eb67b65

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
last-modified: Mon, 24 Aug 2020 16:41:14 GMT
server: Akamai Image Manager
etag: "4d1fcb8ef18188d3227dba68e7ce72b54c39b126"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31534836
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=149
content-length: 79760
expires: Tue, 24 Aug 2021 16:40:24 GMT

GET
H2 200 t_77f6c5172a2e4a3fb2d1672ccafcd4ff_name_378C57E2B3344A7CB6D8A88431919438
www.kiro7.com/resizer/DaFJ9eLLHHrhr_bXgIIc8O9Sdk8=/1200x675/d1hfln2sfez66z.cloudfront.net/11-26-2019/ 129 KB
130 KB 292ms
290ms Image
image/jpeg 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/DaFJ9eLLHHrhr_bXgIIc8O9Sdk8=/1200x675/d1hfln2sfez66z.cloudfront.net/11-26-2019/t_77f6c5172a2e4a3fb2d1672ccafcd4ff_name_378C57E2B3344A7CB6D8A88431919438

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

76439b75e3f2e5b0245aece2b61f2b3f311ebcf32f4b100026b3277026aa0cb3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
last-modified: Mon, 24 Aug 2020 16:21:48 GMT
server: Akamai Image Manager
etag: "394e618fa0c58105060a37bde449a5f93c0b8cc4"
content-type: image/jpeg
status: 200
cache-control: private, no-transform, max-age=31533614
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=191
content-length: 132593
expires: Tue, 24 Aug 2021 16:20:02 GMT

GET
H2 200 t_2584492fb269423bb85de0194674e9ca_name_20yearold_woman_declared_dead_found_brea_5f43e193836f805692004be0_1_Aug_24_2020_15_57_14_poster.jpg
www.kiro7.com/resizer/EJ8mruRYoYypEvF28LrT5aqlm9g=/1200x675/d1hfln2sfez66z.cloudfront.net/08-24-2020/ 82 KB
82 KB 111ms
110ms Image
image/webp 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/EJ8mruRYoYypEvF28LrT5aqlm9g=/1200x675/d1hfln2sfez66z.cloudfront.net/08-24-2020/t_2584492fb269423bb85de0194674e9ca_name_20yearold_woman_declared_dead_found_brea_5f43e193836f805692004be0_1_Aug_24_2020_15_57_14_poster.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

8e2aa60d03eeb4d2424689ba3202946e8745b05615dc0eaecef93d197ce4a7e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
last-modified: Mon, 24 Aug 2020 16:23:20 GMT
server: Akamai Image Manager
etag: "30fabd04efb9c15cd5c54295f9e30e08b51a8431"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31533814
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=82
content-length: 83846
expires: Tue, 24 Aug 2021 16:23:22 GMT

GET
H2 200 JGZUPWHHG5GYLKYTXNJLYR4YWA.jpg
www.kiro7.com/resizer/4ampFAq8YJie0rc4vrHiuPa4Gvk=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 79 KB
79 KB 53ms
53ms Image
image/jpeg 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/4ampFAq8YJie0rc4vrHiuPa4Gvk=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/JGZUPWHHG5GYLKYTXNJLYR4YWA.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

4858f428d5d50d739665bdf2662686d9051f885e5eebda7db0c98bc0be7c068f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
last-modified: Mon, 24 Aug 2020 14:30:14 GMT
server: Akamai Image Manager
etag: "2d19e2d3e35f2786292a7b5a159ff2019546fea1"
content-type: image/jpeg
status: 200
cache-control: private, no-transform, max-age=31527071
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=15
content-length: 80404
expires: Tue, 24 Aug 2021 14:30:59 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 370ms
93ms XHR
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1598288388198&sessionId=5733ab9e-4d46-26c3-5cf4-4bb1300d679d&url=www.kiro7.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 2c1cc16a3688103931c56e9676d14847
Content-Length: 4
Expires: 0

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 326 B
322 B 16ms
16ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1598288388200
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 264135
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5c7ea03a4c9d0742-FRA
cf-request-id: 04c302786d000007428929e200000001

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 306ms
103ms Image
image/gif 52.201.74.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=NlwuhJd-ETCMfuBd&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3842&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2921&t=DUg_k4C-KeuXC0Qw9nB3QDOkDximjL&V=120&i=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&tz=-120&sn=1&sv=DipNwmDUciiWDMQ0jnDyvJHsR9ZrL&sd=1&im=067b2ffa&_
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.74.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-74-173.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washing...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washin...

0
528 B

8ms
7ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1598288388224&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/cox-kiro-tv/trc/3/ 29 KB
10 KB 512ms
491ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/trc/3/json?tim=18%3A59%3A48.301&lti=deflated&data=%7B%22id%22%3A47%2C%22ii%22%3A%22%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1598277869845%2C%22vi%22%3A1598288388292%2C%22cv%22%3A%2220200824-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3842%2C%22nsid%22%3A%22cox-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-e%3Apub%3Dcox-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22cd%22%3A3431.515625%2C%22mw%22%3A1280%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d3076f9befcff623f3295a56ce1d8994a2a8b34ce7af676e33d9712231c64fb6

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 477
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-hhn4027-HHN
server: nginx
x-timer: S1598288388.332236,VS0,VE477
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pmk-202002191.24.js Show response
widget.perfectmarket.com/cox-network/ 111 KB
30 KB 11ms
10ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/pmk-202002191.24.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cox-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ei3mj3MCMsmfeLhxEHizVjAML_x7dBYM
content-encoding: gzip
etag: "7c53f5a4bb6d69f0e058c85d17cbe74e"
age: 13767084
x-cache: HIT, HIT
status: 200
content-length: 30933
x-amz-id-2: 0tXChLZoXOLqzyrlHSKx+d7VFfo9mbexieUmSBxMcRB/Z0meSzHQNYqZGW+g0N42Owyd9u/tNzY=
x-served-by: cache-lax8634-LAX, cache-hhn4047-HHN
last-modified: Wed, 18 Mar 2020 08:48:22 GMT
server: AmazonS3
x-timer: S1598288388.324043,VS0,VE0
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6A7CB9547A1656ED
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 4139, 7

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 23 B
985 B 319ms
286ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220808&v=7.2&r=%7B%22id%22%3A%22119730c33f34f%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22273db34c05acf%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220808%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d73c5ca19c63842bcf188ca9a8efa9d66e3996852486af39e0d96088411587d1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 43
Expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
561 B 136ms
80ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=ecd1543c-b757-4563-ad29-975021c3c428&nocache=1598288388321&aus=970x90%2C728x90%2C728x90%2C320x50&divIds=ad927&auid=539739792&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash: 96b7aa24f10644c999c6576a32f41cef54660693db107e08e030661f103ab8d6

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
server: OXGW/16.192.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 49ms
14ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.41:80
AN-X-Request-Uuid: e6d129a1-5e79-4dd7-ad19-3c44331737f4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 260 B
2 KB 84ms
56ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501256&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=ecd1543c-b757-4563-ad29-975021c3c428&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.5078266427962985
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: b6f0fde4d630ebdda693018e93ac3e4890d40d60ad6133fbc8d82626ccbb4133

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 260
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
371 B 47ms
47ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=ygq0JHyOVxjPe&cb=0&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 5YU8hamnPTj_5DX2lKUhJ9ZdTYJ5XES2dvAHJHL2OT5HjbQj14DZKg==

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 122ms
95ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501270&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=e9ac75d3-1186-494d-9cf6-9b74216ca656&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.8533322801381569
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 71cf336486d24b2288bfc4556a213cf915a86fcfb90e5a4299f58b7b1fd32413

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 357ms
326ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=260241&v=7.2&r=%7B%22id%22%3A%2211d90ff36873c4b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2212ac3b986df78c9%22%2C%22ext%22%3A%7B%22siteID%22%3A%22260241%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: ff48a38bdcecdbc1888f249414928cd43725507374ed59250122b49cac1098c9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 24 Aug 2020 16:59:48 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
745 B 87ms
55ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 2aec8be6-da85-4c2b-80fc-7cb9600b889e
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
357 B 126ms
81ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=e9ac75d3-1186-494d-9cf6-9b74216ca656&nocache=1598288388332&aus=300x250%2C300x250%2C300x250&divIds=ad1617&auid=539872219&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash: ae974e199f247c87cece2e13b2ef3c8ae535adbd25f0ae2dbbc48af171c37f7c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
server: OXGW/16.192.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 46ms
46ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=ygq0JHyOVxjPe&cb=1&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: VOLCe2LJ0NtM9pIeTD2h0yHCtntZSOniZoLh6poURUnTUvjP268KQA==

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 736ms
519ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220809&v=7.2&r=%7B%22id%22%3A%22178b4984b51383e%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22185588363c30f9a%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220809%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 66f3a1596ff32a4d87cf714e79ae253be77f0839520b45d9bdc0ffbf1f3ec80f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
362 B 132ms
91ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=68e80e15-17cb-40ff-866e-ca07c900c999&nocache=1598288388336&aus=300x250%2C300x250%2C300x250&divIds=ad1747&auid=539739793&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash: c11751ad521c9de03762350b442252b77978cfedcda23428106e6280a1718853

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
server: OXGW/16.192.1
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 166
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
2 KB 105ms
79ms XHR
application/json 69.173.144.143
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501260&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=68e80e15-17cb-40ff-866e-ca07c900c999&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9380713320518441
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 2676d1f82c68c0ff7f00cf46b8c444b5f764c6073037de162f7b680ad5c018b0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 241
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
744 B 43ms
14ms XHR
application/json 185.33.221.50
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.50 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:48 GMT
X-Proxy-Origin: 37.120.217.220; 37.120.217.220; 728.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.36:80
AN-X-Request-Uuid: 7a648ad6-e5a5-44ed-9f44-987b12a492f6
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
370 B 47ms
47ms XHR
text/javascript 13.226.145.204
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=ygq0JHyOVxjPe&cb=2&ws=1600x1200&v=7.53.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.226.145.204 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-145-204.dus51.r.cloudfront.net
Software: Server /
Resource Hash: 5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 8ad073ef904d92431b3428f3430707af.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: DUS51-C1
status: 200
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: Xsm9XJDcPn-Lic_5pSzSwJ6OdTNSGxYK558SgkJaEuRncMV6by56UA==

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 15ms
15ms Script
application/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
748 B 44ms
41ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DWP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1598288388&dt=1598288388351&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=147&adks=2196042410&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=61&icsg=2264387854351&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1x1&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d2a5d3b03118cc883b06a7a896e3632c8c59de0b6913a9b30b991962e701d68c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 248
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 74ms
38ms Other
text/html 2a00:1450:4001:81d::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 7ms
6ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 21 KB
6 KB 264ms
264ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP02%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1598288388&dt=1598288388362&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=912&adks=4275133584&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=61&icsg=2264387854351&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

217ab2343844a5006beaf28cb27b50605a35bcb874c4be87888165a01f67bbed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6364
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138319910185
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
409 B 39ms
39ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DPX01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1598288388&dt=1598288388367&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=1235&adys=1202&adks=3216218164&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=61&icsg=2264387854351&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x1&msz=1x1&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

d50a03188d9abc001b75fa268dc4702ba22ad26e34b02e6bc5eb454459c0be3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 241
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 616 KB
122 KB 32ms
31ms Script
application/javascript 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1598288388200
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ClA/mRoTb4aqqHHOFqjo8A==
age: 263974
cf-polished: origSize=1047669
status: 200
last-modified: Fri, 03 Jul 2020 15:22:34 GMT
cf-request-id: 04c302793f00000742892ce200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 0421b526-401e-012e-58cf-569353000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5c7ea03b98b90742-FRA
expires: Tue, 24 Aug 2021 16:59:48 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 256 B
513 B 122ms
107ms XHR
application/json 2a04:4e42:1b::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kiro7.com&domain=kiro7.com&path=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:1b::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 192
x-served-by: cache-hhn4045-HHN
access-control-allow-origin: *
x-timer: S1598288388.433936,VS0,VE98
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 22 Aug 2020 16:59:48 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 104ms
103ms Image
image/gif 52.86.141.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4134896&ntv_pl=1079778
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.141.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-141-129.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 103ms
102ms Image
image/gif 52.86.141.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2043a2b9-dcff-4277-8026-bd3692e38b71&ntv_fl=zOcEDJFzfNKR6SyJk0keXkrKNyyGdCSl2ChbV7U_SZE=&ntv_ht=BPJDXwA&ntv_at=303,302&ntv_a=AAAAAAAAAA4nkQA&ord=1598288388433&ntv_dpl=1009,1011,1028,1001,1050,1003,1019,1007&ntv_it
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.141.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-141-129.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 103ms
103ms Image
image/gif 52.86.141.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1079778&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.86.141.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-86-141-129.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:48 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK c=E5NS_f=site_si=1407 Show response
pr.realvu.net/flip/2/ 24 KB
10 KB 408ms
100ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Requested by: Host: tag.durationmedia.net
URL: https://tag.durationmedia.net/sites/10560/dm.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=21600
Connection: keep-alive
Content-Length: 9960
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 913B 588 B
861 B 253ms
253ms XHR
application/json 2a02:26f0:6c00:191::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2ARQK-4FEY5-2C44D-9TAQS-ZHZL7&d=www.kiro7.com&t=5327628&v=1.632.0&if=&sl=0&si=gq0yxfp6dg4-qfkv7o&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=576087
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:191::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: a7f16ffee35146e13ace184e060629293e187a03312a600a182b98ddf6da48ad

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 24 Aug 2020 16:59:48 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 588
Content-Type: application/json

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 22ms
21ms Stylesheet
text/css 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637293865540854657
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 264134
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 04c302799500000742892e0200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 7aad5c57-901e-0045-1a4e-518850000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5c7ea03c2ac80742-FRA
expires: Tue, 24 Aug 2021 16:59:48 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/ 528 B
758 B 549ms
132ms Script
application/javascript 13.89.172.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/z?cb=1598288388506&callback=jQuery17102489043014248462_1598288388489&_=1598288388507
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.6 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 46d85fb8d2387e9618cb4fbc58fcb75be7c2b2b6a7946b26f8bcc4c2421d96aa

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Content-Length: 545
Vary: Accept-Encoding
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
280 B 20ms
19ms Image
image/gif 2606:4700::6810:50a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1598288388496&h=www.kiro7.com&e=p&u=42629
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:50a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 24 Aug 2020 16:59:48 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 417735
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
cf-request-id: 04c30279a100000742892e2200000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: ac5326e6-701e-00aa-4564-84832e000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5c7ea03c3aff0742-FRA
cf-bgj: imgq:85

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 4FCA 102 KB
34 KB 32ms
9ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0feb5866e19aaf52096cb0dc3a7908dd94a8c74bbb55f57676f8e77505b2d2a3

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:48 GMT
Content-Encoding: gzip
Age: 2718
X-Cache: HIT
Connection: keep-alive
Content-Length: 34207
x-amz-id-2: WcxOTy/byjoLLtYAx2ImUaem2jLxKDeHwBmWcc5lRHlEjsU3iuw/9e4gRfi4FcUabd0mOXUopFw=
X-Served-By: cache-hhn4079-HHN
Last-Modified: Tue, 18 Aug 2020 18:06:48 GMT
Server: AmazonS3
X-Timer: S1598288389.679139,VS0,VE0
ETag: "ad13aad2b26e70dbc718bea014ef2782"
Vary: Accept-Encoding
x-amz-request-id: 98D12A755FB0263A
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 68

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FCA 0
0 67ms
51ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstJ67EDh42-SEWvJt3qYKetCNuihxIzbDfEhupEo_uQmcCzgXzWsnak4B7lQhmrp9-VKBZuWlbzK2LzWDg2NPlCSU6iSxpKaiaWsOvkb9YArXNpbryICZ7WXEnkdXTyeiwL16BJALPKk3bnjNypH70AME--bG7Fka6HA2qRzaa5UQ9RwUgAGnejVJkjRK3LsIg-Iy08gTqbJMwzFL1NeA2_YuNLw5fLQkAQAm4GkA1dVw-SnrB9nfOKv0qln2os5GM1jC3PYgzXwPawolPE7WSn7Nv9GboEUeRlFK0rgFqKn5v3Rw&sai=AMfl-YSF3b5e5vvCJwvHNJfJP9LmuYblGKW8WCVhApL3ky04KuaAMImYYnewQt8fR03TpmxMZ3QNrgi9mCDJpg-6wY8qWlPVyYkWu7fGHWnlRZA29j9jj202hgmf1Jrz7js&sig=Cg0ArKJSzPECQLEjIPpcEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H/2+Q/46 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/ Frame 4FCA 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 18:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511935
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Sep 2020 18:47:33 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4FCA 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52352645768c4c5daa8abebb4b8468932a84643e7d8edff47cd0666ec5b008bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28329
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H/2+Q/46 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/ Frame 4FCA 23 KB
10 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3e6641441f545654e769469711549d098ae40acc9ea9602589e6f1a01b15832

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 18:56:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511424
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9687
x-xss-protection: 0
server: cafe
etag: 10365345414892556508
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Sep 2020 18:56:04 GMT

GET
H/2+Q/46 200 1192841621943354397
tpc.googlesyndication.com/simgad/ Frame 4FCA 39 KB
39 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1192841621943354397

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e58c25b2986653e8ffcf4aaadfb12e3986ba4662060d723241db9913576ed43a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 13:51:32 GMT
x-content-type-options: nosniff
age: 11296
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39783
x-xss-protection: 0
last-modified: Mon, 10 Aug 2020 17:03:59 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Aug 2021 13:51:32 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
26 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:825::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:825::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
6 KB 326ms
325ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&adsid=NT&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&prev_scp=ad_slot%3DHP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D7403aed66e65bc6e-22f31d17bbb60049%3AT%3D1598288388%3AS%3DALNI_Mbu_TVK1Q_-2PS5mh_injniGpcQjw&bc=31&abxe=1&lmt=1598288388&dt=1598288388658&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=166&adks=900422085&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=9057551417404&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x114&msz=970x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9gMrrqHPETyRNg0TbZGdv9_WrCaTK9cQfr2yAV7OGFgW5pqMdFp2COuLJ8GsI5uBU0AGD29yMrNnKYEvY72w4JW4iZj0nC%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9b8648182c80ccb3dfbd95dbe622bb62cdffa4d8ff23138cc32bbbb469ceced7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5892
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316827130
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 4FCA 0
160 B 43ms
43ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuCvKDlUMUWl6C9tgGG3MSv2AuA1EgaBa7Xc2UNmz3nwbWvQF-ie6ffP-6oAdhd57tVVRQ_p9KtZH1r-IX8FQ51b4W62AJEggzi3ze0XBoN3JHgTsa3aZxgt1YzDrsrFR0CEwdv7K5fuvUgjETc4i4CofIi6R8oBPGH4Uv4a5UTKcsSS0Eq_uCukgZjS5s3F-LafYtAH9mESMiNdyLCDr_YX3GysJqJmX4CPN1FLNuZOujy1VOM-oUwOtX2C1ndpig2FhkvEztoC-sD1jopK2yo-R1P3sejjFigtqvHRP57zNWSudJb&sai=AMfl-YSlvm1w0XA8Rh6P5BuoKl2uCjrMKWGwT1LZoJnQqkZwuZOqoJQHDjVYlAmDmvKrLUlvHRewEYVssFrwKE--CFQA73w4z1OK0IShYPWfsu-5k68VJhRovDeCOeFGnQE&sig=Cg0ArKJSzCx0yyeH8uTSEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:48 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:48 GMT

GET
DATA 200
OK truncated
/ Frame 4FCA 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 13f33872e3f36dcc60d3f0f9530bd7a2d0cd45695c716d8d506a90eaea8065c6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 19 KB
6 KB 591ms
590ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&adsid=NT&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP04%26position%3D%255Bobject%2520Object%255D%26breakpoint%3D992px%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D7403aed66e65bc6e-22f31d17bbb60049%3AT%3D1598288388%3AS%3DALNI_Mbu_TVK1Q_-2PS5mh_injniGpcQjw&bc=31&abxe=1&lmt=1598288388&dt=1598288388699&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=430&adys=1302&adks=4275137904&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=9057551417404&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9gMrrqHPETyRNg0TbZGdv9_WrCaTK9cQfr2yAV7OGFgW5pqMdFp2COuLJ8GsI5uBU0AGD29yMrNnKYEvY72w4JW4iZj0nC%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

90383c73a43d62ae770b4040d73664aff220a52a6bc67fc5828fb7ed13babcca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5812
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316827124
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5c69bc07-70d4-410b-9795-09e10e53fa8f.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 4FCA 41 KB
14 KB 36ms
15ms XHR
application/javascript 2600:9000:21f3:a200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/5c69bc07-70d4-410b-9795-09e10e53fa8f.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:a200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 5f31c70d0062c5f56bc779c3bfecd62a70d7d3178d2ed9aea5a014e4af5c2fdb

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 13:41:38 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 11890
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
server: nginx/1.10.3 (Ubuntu)
access-control-max-age: 14400
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
via: 1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: eX8h0UOvsVoABGoA2hORtMzHppHzi1NxzWkIPMdr4VZpZzpXSLpISA==

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 4FCA 42 B
132 B 329ms
110ms Image
image/gif 3.134.241.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=6873235&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.134.241.231 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-134-241-231.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 16:59:49 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 hub.html
membercenter-sdk.cmg.com/sdk/ Frame 4E13 0
0 8ms
8ms Document
text/html 2600:9000:214f:dc00:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/hub.html
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:dc00:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: membercenter-sdk.cmg.com
:scheme: https
:path: /sdk/hub.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
content-length: 211
date: Mon, 24 Aug 2020 16:59:25 GMT
last-modified: Thu, 20 Aug 2020 19:17:51 GMT
etag: "acd60f16e40239bb3c813ef87db325b5"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 7549433a09d06354ea864d169b689e51.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: kQTA4O-Wc6VAof5Cu0--0ZD93O9mRSPBiSsLyyy8GzQPDHTWRY3iRQ==
age: 24

GET
H2 200 tb Show response
15.taboola.com/ 33 KB
11 KB 28ms
26ms Script
text/html 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=cox-kiro-tv&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%20-March%202017&uuip=Feed%20-%20Below%20Article%20Thumbnails%20-March%202017&cisrf=&cirf=https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&encoded=1&uid=345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784&variant=545000|4302&callback=TRC.videoTagCallbacks.videoCallback1&cb=1598288388850&tagid=&cntry=DE&platform=1&normp=1&sesid=8f748f7c886edef2f4a96b9c36d5f96b&itemid=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&viewid=1598288388292&geolat=&geoing=&deviceifa=&appid=&sd=v2_8f748f7c886edef2f4a96b9c36d5f96b_345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784_1598288388_1598288388_CNawjgYQ4ZA-GMTBpYvCLiABKAEwODib4wlAofErSOOz2QNQp-wQWABgAGjipqqRsq2X4nA&ri=ec8f7d7ff8aec1e46cdf4ca5ddca07a3&appname=&cdb=&gdprApplies=&rid=&sii=-4312527434450252827&oee=true&tpubid=1017953&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BB&hasGDPRConsent=true&tcfVersion=&cmpStatus=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9533a0a3fa76c5dfe6c50834ba4837d0ad67756c4eedb4874d219d90b6709023

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
machineid: 1418
x-cache: MISS
status: 200
x-cache-hits: 0
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1598288389.859583,VS0,VE19
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 feed-card-placeholder.20200824-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
1 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20200824-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 78f63db954e8d8e0063af3c75acc720f67e96bb2e32d89520579ad028a86ec0c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: UNYYz2DtGoF2rd77vOLp.XwvmAhYhG1v
content-encoding: gzip
etag: "8ad7fb6972aeef80b15cb8b84331567a"
age: 11727
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1270
x-amz-id-2: xOXKXsIU0e0GNU0wTyKJrZW+X+Bu7FNwzs3v+5FOW+vPKJvpL4V5WEFdwPnnuqO+Fk7eduNP+Hk=
x-served-by: cache-fra19130-FRA
last-modified: Mon, 24 Aug 2020 13:43:05 GMT
server: AmazonS3
x-timer: S1598288389.860196,VS0,VE0
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding
x-amz-request-id: 3DACBB8EFAF532E6
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 90
x-cache-hits: 55062

GET
H2 200 userx.20200824-16-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 7ms
7ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200824-16-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9731915ed47985bfda3e0a874acdbc2b742b9392f9ece2d607eb54dc1ad5cb5c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: x1l3t5FfDpqxtxnIbQJC0bdQJMaaQvLM
content-encoding: gzip
etag: "e9f3b43705723818eb192a5ebfc676f2"
age: 11723
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7751
x-amz-id-2: Mq51OPDecYyjs4AmUoF8ScGsI1aGE55uWRvYfL2DuZ/UWeGKHm6FNNMSkF7ZD5qcxElna46wDJo=
x-served-by: cache-fra19130-FRA
last-modified: Mon, 24 Aug 2020 13:42:42 GMT
server: AmazonS3
x-timer: S1598288389.870659,VS0,VE0
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding
x-amz-request-id: 0YFZ9V3QDVASBT8Y
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 90
x-cache-hits: 15941

GET
H/1.1

200
OK

px.gif
d.adtriba.com/
Redirect Chain

https://d.adtriba.com/collect?atb_ptid=4c06a8fa&atb_dpuid=taboola&atb_dcaid=taboola
https://d.adtriba.com/px.gif

42 B
227 B

8ms
7ms

Image
image/gif

52.57.212.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adtriba.com/px.gif
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.212.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Cache-Control: public, max-age=86400
Server: nginx/1.16.1
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

Redirect headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Last-Modified: Mon, 24 Aug 2020 16:59:49 GMT
Server: nginx/1.16.1
P3P: CP="This is not a P3P policy! See https://www.adtriba.com/privacy-policy.html for more info."
Location: /px.gif
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 01:00:00 GMT

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 2
via: 1.1 varnish
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: 2YEYCbq4sAj61Z+B05gO0AppCwXXJAaNbXsCI+kCUo7AvvChWdBg8FiGZxAZyEH9D84pHHl5ciE=
x-served-by: cache-fra19130-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1598288389.884617,VS0,VE0
date: Mon, 24 Aug 2020 16:59:48 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 0617C658162064A0
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 90
x-cache-hits: 9

GET
H2 204 social
trc.taboola.com/cox-kiro-tv/log/3/ 0
76 B 91ms
91ms Image
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=ec8f7d7ff8aec1e46cdf4ca5ddca07a3&sd=v2_8f748f7c886edef2f4a96b9c36d5f96b_345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784_1598288388_1598288388_CNawjgYQ4ZA-GMTBpYvCLiABKAEwODib4wlAofErSOOz2QNQp-wQWABgAGjipqqRsq2X4nA&ui=345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784&pi=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&wi=-4312527434450252827&pt=text&vi=1598288388292&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Fcmg%2FDF7LUBGFVANPTYKOOV6SRGBSCM.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A59%3A48.888&id=1819&llvl=1&cv=20200824-16-RELEASE&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1598288389.907679,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 8232f77ecd45cf6714cd2601a96acb84.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 44 KB
45 KB 102ms
100ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8232f77ecd45cf6714cd2601a96acb84.jpeg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ceed13a9a8fb4b0ef311ef89ef013a970c5cd3552f867ebaabe247839caeb86d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 473360
edge-cache-tag: 607901380868676034589077737904231169631,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 13 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8232f77ecd45cf6714cd2601a96acb84.jpeg
content-length: 45474
x-served-by: cache-dca17740-DCA, cache-dca17779-DCA, cache-hhn4027-HHN
last-modified: Thu, 13 Aug 2020 06:49:20 GMT
server: cloudinary
x-timer: S1598288389.930109,VS0,VE1
etag: "f21ade277e6155755dd86719e3c9e63a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 img_5ef3ad94e24048.05060714_xQN1is6OvADgB2LrJJ8k6ENlfrSoXNeyZ1HXLdvAHDeBoYktOR_b-11.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/ 21 KB
21 KB 85ms
84ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_5ef3ad94e24048.05060714_xQN1is6OvADgB2LrJJ8k6ENlfrSoXNeyZ1HXLdvAHDeBoYktOR_b-11.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c975b08a20853eb485484ff65ca87d1e182897e380108bdf979dc2f1d681c5d0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2193420
edge-cache-tag: 525211323849623056200676283564344989684,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 28 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.eam.pubocean.com/img_5ef3ad94e24048.05060714_xQN1is6OvADgB2LrJJ8k6ENlfrSoXNeyZ1HXLdvAHDeBoYktOR_b-11.png
content-length: 21248
x-served-by: cache-dca17736-DCA, cache-dca17753-DCA, cache-hhn4027-HHN
last-modified: Tue, 28 Jul 2020 11:16:52 GMT
server: cloudinary
x-timer: S1598288389.930174,VS0,VE0
etag: "f6654142d892942e66668869b82f7d46"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 13, 2

GET
H2 200 81f815f0b1aa342151a7063ce40cf4ad.jpg
images.taboola.com/taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_600,y_394/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 113ms
113ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_600,y_394/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81f815f0b1aa342151a7063ce40cf4ad.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: aa7e9751180d1f01904db5f8675eaabcc346f860d545b0c8bdf304436ed5b6f4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 466914
edge-cache-tag: 616741454636999737621641846012730949071,357360573657263738578548207561834484496,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_278,w_500,c_fill,g_xy_center,x_600,y_394/http%3A//cdn.taboola.com/libtrc/static/thumbnails/81f815f0b1aa342151a7063ce40cf4ad.jpg
content-length: 32648
x-request-id: 0940dafebded1ff39226b2d0b63d1aac
x-served-by: cache-dca17723-DCA, cache-dca17739-DCA, cache-hhn4027-HHN
last-modified: Tue, 18 Aug 2020 10:53:00 GMT
server: cloudinary
x-timer: S1598288389.931156,VS0,VE1
etag: "7249c4fc6589e8bc795c99a501ca1a55"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 1e9fb2cb5b1ad652b5e8eda3d35579a6.png
images.taboola.com/taboola/image/fetch/h_445,w_800,c_fill,g_xy_center,x_1136,y_433/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 232 KB
233 KB 120ms
119ms Image
image/png 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_445,w_800,c_fill,g_xy_center,x_1136,y_433/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9fb2cb5b1ad652b5e8eda3d35579a6.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ed8fa6a003e9c976b11e52f2c98e821bee4f6313c5049724bbe569b58ca0e06d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 366875
edge-cache-tag: 299789877772696990454149981683986710562,624733862375936221992723048273379435293,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/h_445,w_800,c_fill,g_xy_center,x_1136,y_433/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1e9fb2cb5b1ad652b5e8eda3d35579a6.png
content-length: 237479
x-request-id: 47671b929852d9cb8352a34a97380afb
x-served-by: cache-dca17744-DCA, cache-dca17760-DCA, cache-hhn4027-HHN
last-modified: Tue, 18 Aug 2020 23:13:20 GMT
server: cloudinary
x-timer: S1598288389.934581,VS0,VE1
etag: "fa34ae23bf0a592abb1d8c8ec49adf9e"
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 d42879b85cb7d1852e3c2e871eccdcab.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 99 KB
100 KB 120ms
120ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d42879b85cb7d1852e3c2e871eccdcab.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: e9f93494a5a5bfe8e13a0814bdd65ea3b2e56cd56f48043ae6b65cb4159eecc6

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2000692
edge-cache-tag: 427681101469734752026901398367421555933,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d42879b85cb7d1852e3c2e871eccdcab.jpg
content-length: 101527
x-request-id: f0f2d8d2003f4a7286f6cd82e8d7aecb
x-served-by: cache-dca17736-DCA, cache-dca17771-DCA, cache-hhn4027-HHN
last-modified: Fri, 08 May 2020 18:44:04 GMT
server: cloudinary
x-timer: S1598288389.934611,VS0,VE1
etag: "f680216b0e27744bd7cc4966dedf7f59"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 tbp Show response
15.taboola.com/ 7 KB
3 KB 170ms
168ms Script
text/html 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tbp?oid=15&pubid=166277&tagid=948107&pstn=[pstn]&cb=[cb]&callback=TRC.pVideoCallbacks.videoCallback1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 36f7d0d17013fbed1bb9768dc12a15a8834e74740a150d8c65a0f7fa1edede0f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:48 GMT
content-encoding: gzip
machineid: 1450
x-cache: MISS
status: 200
x-cache-hits: 0
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1598288389.937684,VS0,VE25
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 98a85bbf546817e32a7abdda4e03b426.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 27 KB
27 KB 142ms
140ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a85bbf546817e32a7abdda4e03b426.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: ed0b6f2d0987997f32e452900a4682426d6657a4e3213c6cedc4639fade05098

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:48 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2267791
edge-cache-tag: 567333039475434297368390456894891550234,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Mon, 25 May 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/98a85bbf546817e32a7abdda4e03b426.png
content-length: 27295
x-served-by: cache-dca17759-DCA, cache-dca17724-DCA, cache-hhn4027-HHN
last-modified: Fri, 24 Apr 2020 19:05:10 GMT
server: cloudinary
x-timer: S1598288389.937675,VS0,VE0
etag: "2975600b39ceb58ebf024598a93581b4"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 6940

GET
H2 200 7fccb557b911d75e84543e580bdd113b.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 107 KB
108 KB 85ms
84ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7fccb557b911d75e84543e580bdd113b.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1d3e06f60eea3342042e97cb558d8670453c2fdea9c38d2e1e96eb92fcd5fbe1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 976792
edge-cache-tag: 560826432513975847800268686560063473384,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/7fccb557b911d75e84543e580bdd113b.png
content-length: 109755
x-request-id: 03da826165f9674572dfd41b8ec1615c
x-served-by: cache-dca17744-DCA, cache-dca17721-DCA, cache-hhn4027-HHN
last-modified: Fri, 07 Aug 2020 13:55:18 GMT
server: cloudinary
x-timer: S1598288389.008436,VS0,VE1
etag: "0b155ae828d09365cbfedddbf39732de"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 9ab60280f6aba63609490a79f31aa658.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
28 KB 92ms
92ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ab60280f6aba63609490a79f31aa658.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4ad76b80167b5c2d0b658d84ceda8d5320f0c93a7e134e241a4c0b290514b901

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 6626860
edge-cache-tag: 416486466543999798707754736720110443132,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 26 Jun 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9ab60280f6aba63609490a79f31aa658.png
content-length: 28625
x-served-by: cache-dca17749-DCA, cache-dca17732-DCA, cache-hhn4027-HHN
last-modified: Tue, 26 May 2020 02:18:15 GMT
server: cloudinary
x-timer: S1598288389.022665,VS0,VE0
etag: "b8fb0b8afe0ff51725e44658c64b08dd"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 5211

GET
H2 200 0988f3143ed33f8663ab167aea19d7ae.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
29 KB 83ms
83ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0988f3143ed33f8663ab167aea19d7ae.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a8b12a81f045f939c0074e9255d85e2e26803e01f53b7925c6fdaed2e916d975

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1910179
edge-cache-tag: 313895795151916314563348620215426717020,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0988f3143ed33f8663ab167aea19d7ae.jpg
content-length: 29547
x-request-id: fd2f1ccb78827ec71f59c9b813c27b8c
x-served-by: cache-dca17776-DCA, cache-dca17755-DCA, cache-hhn4027-HHN
last-modified: Sun, 02 Aug 2020 14:19:57 GMT
server: cloudinary
x-timer: S1598288389.032015,VS0,VE1
etag: "4bac7746cbe8ad928790720315e95c43"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 b689de760f3f40bf14dce387e4df74b6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 37ms
36ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b689de760f3f40bf14dce387e4df74b6.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5c20d6ffa9bb17f38e3ec89628c13111741bcb11ff62989fc7a595f2b0f57a4b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 440737
edge-cache-tag: 370331845465255016724591375083263555929,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/b689de760f3f40bf14dce387e4df74b6.jpg
content-length: 33873
x-request-id: 43ee253adb252ccab4554e37ac346e9a
x-served-by: cache-dca17739-DCA, cache-dca17760-DCA, cache-hhn4027-HHN
last-modified: Wed, 19 Aug 2020 14:33:32 GMT
server: cloudinary
x-timer: S1598288389.079092,VS0,VE1
etag: "9ce4e7008b6a050378084327325540bb"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 fca74d1dd90ab2f580eaa4e157366311.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 29 KB
30 KB 29ms
29ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca74d1dd90ab2f580eaa4e157366311.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 7d05ef890122a9ea40886906ff928e735f4b1113bf885fd4a579eb9dcb43a528

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 5046986
edge-cache-tag: 548224104539199096302073479355876488825,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 03 Jul 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fca74d1dd90ab2f580eaa4e157366311.jpg
content-length: 29845
x-served-by: cache-dca17778-DCA, cache-dca17746-DCA, cache-hhn4027-HHN
last-modified: Tue, 02 Jun 2020 12:23:40 GMT
server: cloudinary
x-timer: S1598288389.088782,VS0,VE0
etag: "a10d79c9740b1c28ca0838587c05f6e2"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 8

GET
H2 200 f05532e26c7b2dda0e62bcffe46ee694.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 45 KB
45 KB 29ms
28ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f05532e26c7b2dda0e62bcffe46ee694.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 08cbd811deac9156d7f1e90bcaa0b69265579482e5be7b961f4008059933c1d6

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1047876
edge-cache-tag: 316414941938881619524554506248254319767,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 04 Sep 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/f05532e26c7b2dda0e62bcffe46ee694.jpg
content-length: 45993
x-served-by: cache-dca17780-DCA, cache-dca17747-DCA, cache-hhn4027-HHN
last-modified: Tue, 04 Aug 2020 15:12:01 GMT
server: cloudinary
x-timer: S1598288389.090118,VS0,VE0
etag: "da22eb1e8836c45515af2b5321ea9ec6"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 37

GET
H2 200 67c01f1f19822f07ab6e1fd38d8dd061.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 121 KB
122 KB 13ms
8ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67c01f1f19822f07ab6e1fd38d8dd061.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 16db9077eb1d50fe61d2e1f44f42dfa4d50179330f453677e4a97bb5309b7fd2

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1046740
edge-cache-tag: 421345624904933089947193678893725818410,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: HIT, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/67c01f1f19822f07ab6e1fd38d8dd061.jpg
content-length: 123811
x-request-id: 3ae082dc29f8a66654206dec468a763d
x-served-by: cache-dca17753-DCA, cache-dca17748-DCA, cache-hhn4027-HHN
last-modified: Wed, 12 Aug 2020 14:12:49 GMT
server: cloudinary
x-timer: S1598288389.118912,VS0,VE0
etag: "6cfee92fd3de4ebc74803e338754396f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 67

GET
H2 200 t_8b9a231c800648518c8f3ee6527057d6_name_FTP20_McCarty_COVID19_Inslee_Newser_6p.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/5wyW32BpBok2p84vjZu6RBR8VGc%3D/1200x628/d1hfln2sfez66z.clou... 38 KB
39 KB 22ms
18ms Image
image/jpeg 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/5wyW32BpBok2p84vjZu6RBR8VGc%3D/1200x628/d1hfln2sfez66z.cloudfront.net/08-21-2020/t_8b9a231c800648518c8f3ee6527057d6_name_FTP20_McCarty_COVID19_Inslee_Newser_6p.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 44873c516517601e306f25c69b458ff45d5a0e1d75f0bca7a87e2fa15cd57fe8

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 18286
edge-cache-tag: 451587312499374091473953938182890459442,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/5wyW32BpBok2p84vjZu6RBR8VGc%3D/1200x628/d1hfln2sfez66z.cloudfront.net/08-21-2020/t_8b9a231c800648518c8f3ee6527057d6_name_FTP20_McCarty_COVID19_Inslee_Newser_6p.jpg
content-length: 39289
x-request-id: 00a4f9e7c5023492149dcded108dddf6
x-served-by: cache-dca17749-DCA, cache-dca17780-DCA, cache-hhn4027-HHN
last-modified: Mon, 24 Aug 2020 11:53:55 GMT
server: cloudinary
x-timer: S1598288389.118978,VS0,VE1
etag: "313cd3b598731eee66aa201eb72357c9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
893 B 101ms
100ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 601
X-Proxy-Cache: BYPASS

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/2.1.9/ 87 KB
25 KB 32ms
30ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/2.1.9/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20d427100fd302f0f4dec437bb8da82a0c6263f06ef060c416bc57981bc6d957

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 997f66fda0069dac50a85c7a4fa51b7e.cloudfront.net (CloudFront), 1.1 varnish
age: 374337
x-cache: Hit from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 25633
x-served-by: cache-hhn4027-HHN
last-modified: Thu, 20 Aug 2020 08:56:22 GMT
server: AmazonS3
x-timer: S1598288389.093014,VS0,VE0
etag: "30f0cfb1370b9efc23fcfb9c5daaba91"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: q_zO6zfvqo28dMVEpPmIg7F4-T_pFty3UjD2OoCIDErdi4UauovtAg==
x-cache-hits: 200184

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
637 B 8ms
7ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 18260
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19130-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1598288389.101092,VS0,VE0
date: Mon, 24 Aug 2020 16:59:49 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 90
x-cache-hits: 24593

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 76D6 102 KB
34 KB 9ms
8ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0feb5866e19aaf52096cb0dc3a7908dd94a8c74bbb55f57676f8e77505b2d2a3

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Age: 2718
X-Cache: HIT
Connection: keep-alive
Content-Length: 34207
x-amz-id-2: WcxOTy/byjoLLtYAx2ImUaem2jLxKDeHwBmWcc5lRHlEjsU3iuw/9e4gRfi4FcUabd0mOXUopFw=
X-Served-By: cache-hhn4079-HHN
Last-Modified: Tue, 18 Aug 2020 18:06:48 GMT
Server: AmazonS3
X-Timer: S1598288389.110965,VS0,VE0
ETag: "ad13aad2b26e70dbc718bea014ef2782"
Vary: Accept-Encoding
x-amz-request-id: 98D12A755FB0263A
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 69

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76D6 0
0 46ms
44ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvldikpaO6A5tN21UyqbIVVc9IZJ1xehPHiqSrXT9HnMtVoFjDOBzt53U-8xbl-c1fJzUIhXl_QNL_MIcHACpYhFObwpZk9NY-cC-SN_LwGfk1ebxNnXp4Obnc2h4XhVY8LSxtWDCapwlS3nfkL2xaz_zK2Woe0gq2imtqgpVxPtrOfVRe8hUgu89JePuNX7tcC90nN3jCrNpHVN3KOJxwOVJpHHLITNxe262ISYM6GRZ7bagazpluPXriXtNB6B5JaaMZwwx2tP6xHIWIMd_3XbAXqBh4eI07gmd1GiQ1MrGdFSw&sig=Cg0ArKJSzLEudHll75bHEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/ Frame 76D6 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 18:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Sep 2020 18:47:33 GMT

GET
H/2+Q/46 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 76D6 73 KB
28 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52352645768c4c5daa8abebb4b8468932a84643e7d8edff47cd0666ec5b008bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28329
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 76D6 0
0 16ms
13ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTiRTwn2nR91Cdn-aQ71rSkldN7VWkcI1FDHvdHUJgWaaG7fEQSiAnTC6VU1H-f3869wtrK
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 1684444555908820919
tpc.googlesyndication.com/simgad/ Frame 76D6 44 KB
44 KB 9ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1684444555908820919

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca7df3a16649aa4c0a68e44c8256882465a546a30fcc50f45229778d66b59b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 11 Aug 2020 17:41:47 GMT
x-content-type-options: nosniff
age: 1120682
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45154
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 11 Aug 2021 17:41:47 GMT

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=728x90_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
896 B 152ms
102ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=728x90_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 706c72a9f65ed8a097429dc32951d072859de50679bb294f84cb7be0de649616

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 604
X-Proxy-Cache: BYPASS

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 76D6 0
21 B 45ms
45ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuneCG888LLRYZFdRgmtF2-VKQDyay9Nb3Q-FLU3vYWs3RyHtTzpD9TEqDOQyUYbSTJcuBc7e-8Z2s_l6ort0GW55c6a3m40sB1ldNMIowXbl3nzoonessXycObVnDzdYlXXGXoCsbzhqbHeI8Mxg4RRpmkcq5OZt85dMu6NHFhopJOHVfEeK7cVuv_Qf0gZDanCzVcKJPt111SNmtVPd91Mnqg2QvuNVd7lGS4ELE9tlMXwFHInt9Or1caJgME5SuWKEWF0enC0s98fSc9Uu5TYNTNctdwdTEO-26NKagrBD6bKnj1&sig=Cg0ArKJSzO1F2CYHhHPdEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 76D6 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d215a13ae04d1969c971c6102c4675e6ddc136144c85feb0963611d0e213e871

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
190 B 388ms
387ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=627944672165184&correlator=590133164404139&output=ldjh&impl=fifs&adsid=NT&eid=21066929&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&prev_scp=ad_slot%3DRP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D34%26temp_range%3D60%2520to%252064%26sky%3DFair%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D7403aed66e65bc6e%3AT%3D1598288388%3AS%3DALNI_Mb8osbaXsYbDdIwd4LcOk1Q6wkf_g&bc=31&abxe=1&lmt=1598288389&dt=1598288389093&dlt=1598288386624&idt=1685&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=342&adks=614731126&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=72&icsg=579683290710076&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&psts=AGkb-H-tUclrQOoBZJjzqJtqHEN_zpFkWdzvgW6s2TF_Ewvp7g8sTUskqyJVCkEWnu-x8mjfUtzRvkUWlw5k1UZy3MDt8zjIRTys%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9gMrrqHPETyRNg0TbZGdv9_WrCaTK9cQfr2yAV7OGFgW5pqMdFp2COuLJ8GsI5uBU0AGD29yMrNnKYEvY72w4JW4iZj0nC%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1282769257.1598288387&ga_sid=1598288388&ga_hid=1086240315&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

34b9108be3aefcc177f0f206e4d9f7a2375a579a273c6852cc451abffdc4ec16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 creative_js.js Show response
vidstat.taboola.com/vpaid/units/27_2_17/creatives/ 4 KB
2 KB 19ms
17ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront), 1.1 varnish
age: 2443601
x-amz-meta-mtime: 1580049455
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1580049758
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 1904
x-served-by: cache-hhn4027-HHN
last-modified: Sun, 26 Jan 2020 14:42:39 GMT
server: AmazonS3
x-timer: S1598288389.119678,VS0,VE0
etag: "d80eacb3ed43f93a2da80d76e65d19a8"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: kRaLshvaAJHgdr7q24TWX9A2gS_4tsRUeQdXkJaEaHfoMtC8OWryUw==
x-cache-hits: 621891

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 76D6 42 B
156 B 731ms
731ms Image
image/gif 3.134.241.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=10522651&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.134.241.231 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-134-241-231.us-east-2.compute.amazonaws.com

Software

nginx/1.10.3 (Ubuntu) /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 16:59:49 GMT
x-content-type-options: nosniff
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 st
imprammp.taboola.com/ Frame 3064 0
0 19ms
17ms Document
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cipid=7991117&ttype=0&cirid=78F2E5E5FF450969542826300625&cicmp=1337627&cijs=1&dast=V7Jr0CFgMyQhGrP164qwQyQhGrP164qwUAAAAGBugHHDecUVasFWtGI60Gy9lyNVpsRsvhZjNarqZgsIXP6e5uwx-aTofPda_X_X53rdPy9801frdf6vJ8Xm6p3-7y_IV-31vo8Hhdls9bYXm5NaeXw-y0-9xC191keZk8b73NrXaazU6_3fPW29wiv9nssHzeMsvf7dY9PEen3Wf6292qu8ttOPudb5fd9NY8P6eX2y8HAAAAgAcAopZoiB3fhvYIAAAAAAmekWsFioCKfwuBCwAAAAAMAAKxcA0AKI6Ce5lcZn8AADwUgAAADCiQAAgkFpYAONwtngAAABzUyTxts_z____HAOS9N8kAUKRt3Bj0ADz4ADwIAQAAXAzxuuPxD9X9QBEVqBYxAgAAACjBy-Y-mtQJlUXV____vxXAFQBAAF1I2thW1s1JMWsYAACAwNgCPSx-v9lh1_jdLvv_________N_s_A0ATsopiTwva4EpR4xm5Vlj7BQQAYHs3AIA3ATiYA7ADAAAAuPv____PAwAAUNmjZHutxrNHWe8z2MLndHfXb8IWo9VkslkOZ8vFZDAcDUej_QngZoATNBwOFrvBYrdYDCeLyWiwHCxQIAYTnJDhaDNZjXar3WQ5nIxGs81kgxStWs1Gm8FwNZvMdrvVcDBcjkZI0ZrFbDJZzEbL3WawnIwGw8lwiDAzWm1czt3CrdssbGvRyuFaC1eGzVo4Wg43s9nCObE43KLXx3TbjHy74WiPDrObKyaDuWSxm0smg1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: imprammp.taboola.com
:scheme: https
:path: /st?cipid=7991117&ttype=0&cirid=78F2E5E5FF450969542826300625&cicmp=1337627&cijs=1&dast=V7Jr0CFgMyQhGrP164qwQyQhGrP164qwUAAAAGBugHHDecUVasFWtGI60Gy9lyNVpsRsvhZjNarqZgsIXP6e5uwx-aTofPda_X_X53rdPy9801frdf6vJ8Xm6p3-7y_IV-31vo8Hhdls9bYXm5NaeXw-y0-9xC191keZk8b73NrXaazU6_3fPW29wiv9nssHzeMsvf7dY9PEen3Wf6292qu8ttOPudb5fd9NY8P6eX2y8HAAAAgAcAopZoiB3fhvYIAAAAAAmekWsFioCKfwuBCwAAAAAMAAKxcA0AKI6Ce5lcZn8AADwUgAAADCiQAAgkFpYAONwtngAAABzUyTxts_z____HAOS9N8kAUKRt3Bj0ADz4ADwIAQAAXAzxuuPxD9X9QBEVqBYxAgAAACjBy-Y-mtQJlUXV____vxXAFQBAAF1I2thW1s1JMWsYAACAwNgCPSx-v9lh1_jdLvv_________N_s_A0ATsopiTwva4EpR4xm5Vlj7BQQAYHs3AIA3ATiYA7ADAAAAuPv____PAwAAUNmjZHutxrNHWe8z2MLndHfXb8IWo9VkslkOZ8vFZDAcDUej_QngZoATNBwOFrvBYrdYDCeLyWiwHCxQIAYTnJDhaDNZjXar3WQ5nIxGs81kgxStWs1Gm8FwNZvMdrvVcDBcjkZI0ZrFbDJZzEbL3WawnIwGw8lwiDAzWm1czt3CrdssbGvRyuFaC1eGzVo4Wg43s9nCObE43KLXx3TbjHy74WiPDrObKyaDuWSxm0smg1UCAAAAAAAAAFjClHkTAAAAgNMgZrPJbrfixps9E8RarZY1AAAAALdu5AA!&excid=22&tst=1&docw=0&cs=false
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
accept-ranges: bytes
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish
x-served-by: cache-hhn4027-HHN
x-cache: MISS
x-cache-hits: 0
x-timer: S1598288389.201579,VS0,VE9
content-length: 0

GET
H2 200 cmTagCUSTOM.js Show response
vidstat.taboola.com/vpaid/units/27_6_25/infra/ 663 KB
155 KB 9ms
8ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_6_25/infra/cmTagCUSTOM.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 496ae61b0a03b489e867ab7d0eeea5f22bab9ae851a2e61a790db90d6fed9821

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 c0486ca54d4ad5a3da496bc2b5f49cd2.cloudfront.net (CloudFront), 1.1 varnish
age: 274535
x-amz-meta-mtime: 1595421630
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1595421643
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 158264
x-served-by: cache-hhn4027-HHN
last-modified: Wed, 22 Jul 2020 12:40:45 GMT
server: AmazonS3
x-timer: S1598288389.197998,VS0,VE0
etag: "72402f13ebddc16e10c53896b5158265"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: j1Mb5qTC5n_RkkhN7De3WB8V2svvIE3Y0i_pdpuyiaDNtokt_mLeMA==
x-cache-hits: 178041

GET
H2 200 cmOsUnit.css
vidstat.taboola.com/vpaid/units/27_6_25/assets/css/ 36 KB
7 KB 8ms
7ms Stylesheet
text/css 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/vpaid/units/27_6_25/assets/css/cmOsUnit.css
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_2_17/creatives/creative_js.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fee9845a7f7aa7d0926481e4cf69447c1c06ab778f8426065a06bfc85ad5118

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 44d7d28132a47c2b5760c4ec3dd7aa89.cloudfront.net (CloudFront), 1.1 varnish
age: 274258
x-amz-meta-mtime: 1595421627
x-cache: Miss from cloudfront, HIT
x-amz-meta-ctime: 1595421635
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 6441
x-served-by: cache-hhn4027-HHN
last-modified: Wed, 22 Jul 2020 12:40:37 GMT
server: AmazonS3
x-timer: S1598288389.197776,VS0,VE0
etag: "3c9a6240f8ac791a72cc12e159de2585"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA53
accept-ranges: bytes
content-type: text/css
access-control-allow-headers: *
x-amz-cf-id: D-KVqEOuNkZBuL_MAeBwNz-2dR_JQmVM2RrjueVAcpte2GCqIXUOfQ==
x-cache-hits: 171877

GET
H2 200 PMS.js Show response
vidstat.taboola.com/PMS/2.2.1/ 51 KB
16 KB 10ms
8ms Script
application/javascript 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/PMS/2.2.1/PMS.js
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/vpaid/units/27_6_25/infra/cmTagCUSTOM.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 79503619d600dbc1c9e04a650d3d7f3f.cloudfront.net (CloudFront), 1.1 varnish
age: 1025448
x-amz-meta-mtime: 1542789750
x-cache: Miss from cloudfront, HIT
status: 200
x-amz-meta-mode: 33188
content-encoding: gzip
content-length: 15795
x-served-by: cache-hhn4027-HHN
last-modified: Wed, 21 Nov 2018 08:42:31 GMT
server: AmazonS3
x-timer: S1598288389.280210,VS0,VE0
etag: "57a7ebef371550a9ab54a2f0f82547af"
x-amz-meta-uid: 0
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
x-amz-meta-gid: 0
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA54
accept-ranges: bytes
content-type: application/javascript
access-control-allow-headers: *
x-amz-cf-id: lMRV4ZYRLUDUMKGvesgs0u-Y5sc28vP_gLLzPdzi8CsYM5e0lWSbBA==
x-cache-hits: 496862

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 86D3 102 KB
34 KB 14ms
14ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0feb5866e19aaf52096cb0dc3a7908dd94a8c74bbb55f57676f8e77505b2d2a3

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Age: 2719
X-Cache: HIT
Connection: keep-alive
Content-Length: 34207
x-amz-id-2: WcxOTy/byjoLLtYAx2ImUaem2jLxKDeHwBmWcc5lRHlEjsU3iuw/9e4gRfi4FcUabd0mOXUopFw=
X-Served-By: cache-hhn4079-HHN
Last-Modified: Tue, 18 Aug 2020 18:06:48 GMT
Server: AmazonS3
X-Timer: S1598288389.383751,VS0,VE0
ETag: "ad13aad2b26e70dbc718bea014ef2782"
Vary: Accept-Encoding
x-amz-request-id: 98D12A755FB0263A
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 70

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86D3 0
0 77ms
75ms Fetch
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstlCRpJRuQyILHsQAhWB4cmjbVlmnQk9aSbeEw6bN1_JWhC6V7LZZElFLs3lt7QrdmaaT4v6vh2az7uZbn85kM00RJX8RmP-cHwmUoQCRf9hxwTHfTXjN_ZOPgNeb9bmpNaOOm9PWYjCTSXhEnQjN7Fx-WAlJkDE1Yz0CMM35OlgznI09uUUGuOoC-cAvQgz145RhCyERZkCBggtQx6TcWxbZ3qJpnfkm5_0T6yrjUiI3f8hFig3TvQKUD_hd_9noYOk1oVM0ceoUmTHCxBx3z_W3ie2-g1Sv5dTN3ZOfkL877tkw&sig=Cg0ArKJSzGYjl3XOgqdNEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/2+Q/46 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/ Frame 86D3 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200818/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 18 Aug 2020 18:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 511936
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1330
x-xss-protection: 0
server: cafe
etag: 15429208973290199181
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 01 Sep 2020 18:47:33 GMT

GET
H/2+Q/46 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86D3 73 KB
28 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52352645768c4c5daa8abebb4b8468932a84643e7d8edff47cd0666ec5b008bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28329
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:49 GMT

GET
H/2+Q/46 200 6689646930131180015
tpc.googlesyndication.com/simgad/ Frame 86D3 70 KB
70 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6689646930131180015

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 13:51:32 GMT
x-content-type-options: nosniff
age: 11297
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72094
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 24 Aug 2021 13:51:32 GMT

GET
BLOB 206
Partial Content e49bb7f9-e4fe-46b1-8f09-6fad7df98228
https://www.kiro7.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kiro7.com/e49bb7f9-e4fe-46b1-8f09-6fad7df98228
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 0e0e9dee-cd25-4d56-9a0c-73cc6c31385b
https://www.kiro7.com/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.kiro7.com/0e0e9dee-cd25-4d56-9a0c-73cc6c31385b
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
H2 206 kilqlzqkgacobjwogeyt.mp4
c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598256853/ 110 KB
111 KB 10ms
8ms Media
video/mp4 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598256853/kilqlzqkgacobjwogeyt.mp4
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: edd4f3274cbb18049dbbb15b998d60f39c44cd00b581b924ecf3c13b6462e611

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Range: bytes=0-

Response headers

x-amz-version-id: bejN4xPCVb6ZwD8lUuhaMwUQUfB_Iqun
via: 1.1 varnish
etag: "924c054db197146aaf457095d470c98e"
age: 109
x-cache: HIT
status: 206
x-amz-replication-status: COMPLETED
Content-Length: 112746
x-amz-id-2: N0h3k1ouVE14ork7iHeXbJeAhRl+01MkM9WrT1nFqYQU+aerGYfPACeiBH1fiPcDw0R8NIInB/k=
x-served-by: cache-hhn4027-HHN
Content-Range: bytes 0-112745/112746
last-modified: Mon, 24 Aug 2020 08:14:20 GMT
server: AmazonS3
x-timer: S1598288389.392617,VS0,VE1
date: Mon, 24 Aug 2020 16:59:49 GMT
x-amz-request-id: E98B9D86BD9669F7
cache-control: private,max-age=31536000
accept-ranges: bytes, bytes
content-type: video/mp4;codecs=avc1
abp: 90
x-cache-hits: 0

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 86D3 42 B
132 B 112ms
111ms Image
image/gif 3.134.241.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=7013036&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.134.241.231 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-134-241-231.us-east-2.compute.amazonaws.com
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 16:59:49 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 sync
am-match.taboola.com/ Frame 952D 0
0 67ms
19ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7uYICFgMyQhGrP164qwQyQhGrP164qwUAAAAGBvQHG0UbbWYUDoMyWe4Ww-FkNljuZpvBcDJZDmGjaKPNjMJhUCbL3WI4nKyWw8lyt5pMBqsprBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPQe1mmH5GA2SwWK3hj00nQ6f616vdVr-vrnG7_ZLXZ7Pyy31212ev9DvewsdHq_L8nkrLC-35vRymJ12n1voupssL5Pnrbe51U6z2em3e956m1vkN5sdls9bZvm73bqH5-i0-0x_u1t1d7kNZ7_z7bKb3prn5_Ry--UAAAAA8ACghLkN8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABQMC1pQEAxVFwL5PL7A8AgIcCEACAAQUSAIG_mhIAD4qlEwAAAAAAAAAAlv____8YgLzrFBmADK2gHoAHH4AHogLFIkYAAAAAJXjZ3EeTOqGyqAIAIEi3ArgCAAigC0kbCwgDAAAQGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCVlHsaUEbXClqv4AAAGu_gAAAbOoGAPAmABd0BjVaDQaD1RHQZjCZHQAAAMDd____vx4Iznyj4cy3MQ5nK5PLZpmZFs7ZxLnxzEaumXM28V5P0350Pq1Bb1-LsMx-30FBOT09ZpdBVHS9LXaH0-w5qNUMy8dokAwWu4H4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgzo9XG5dwt3LrNwrYWrRyutXBl2KyFo-VwM5stnBOLwy16fUy3zci3G462KBggtxfBRTrR-I1vrdPyd4tuF7FEc7JIJ7LLvjjzjYYz38Y4nK1MLptlZlo4ZxPnxjMbuWbO2cTfGa02Ludu4dZtFra1aOVwrYUrw2YtHC2Hm9ls4ZxYHG7R62O6bUa-3XC0b6yWw8lwuBkO943VcjgZDjfD4b5DZ_iuPmejNG2wdWxShfCsfchMB4XLYPH-JKbFtDs7-DYX5dPnUy-LOqPw1j16DQrPwaM6DY_HpfO4DEtzB0UsEZwu0onoZTxdxBLJ0yKdqDzGmW_km9mMC5fHsTLNNiabaeNwjUweh2G38EzEEqXpIp3opS7P5-WW-u0uz1_o972FDo_XZfm8FZaXW3N6OcxOu88tdN1NlpfJ89bb3Gqn2ez02z1vvc0t8pvNDsvnLbP83W7dw3N02n2mv92turvchrPf-XbZTW_N83N6uS3qPzrMbq6YDOaSxW4umQxWCQAAAAAAAABgCXPmTQAAAABOg5htZpvdcgEeEMN0f7A14ICFbOF3iU2mS1LvlsqLGz9eGL_xrXVa_m7R7cybPRPEWq2WNQAAgAA2AABAALdu3gJCITk!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/2.1.9/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7uYICFgMyQhGrP164qwQyQhGrP164qwUAAAAGBvQHG0UbbWYUDoMyWe4Ww-FkNljuZpvBcDJZDmGjaKPNjMJhUCbL3WI4nKyWw8lyt5pMBqsprBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPQe1mmH5GA2SwWK3hj00nQ6f616vdVr-vrnG7_ZLXZ7Pyy31212ev9DvewsdHq_L8nkrLC-35vRymJ12n1voupssL5Pnrbe51U6z2em3e956m1vkN5sdls9bZvm73bqH5-i0-0x_u1t1d7kNZ7_z7bKb3prn5_Ry--UAAAAA8ACghLkN8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABQMC1pQEAxVFwL5PL7A8AgIcCEACAAQUSAIG_mhIAD4qlEwAAAAAAAAAAlv____8YgLzrFBmADK2gHoAHH4AHogLFIkYAAAAAJXjZ3EeTOqGyqAIAIEi3ArgCAAigC0kbCwgDAAAQGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCVlHsaUEbXClqv4AAAGu_gAAAbOoGAPAmABd0BjVaDQaD1RHQZjCZHQAAAMDd____vx4Iznyj4cy3MQ5nK5PLZpmZFs7ZxLnxzEaumXM28V5P0350Pq1Bb1-LsMx-30FBOT09ZpdBVHS9LXaH0-w5qNUMy8dokAwWu4H4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgzo9XG5dwt3LrNwrYWrRyutXBl2KyFo-VwM5stnBOLwy16fUy3zci3G462KBggtxfBRTrR-I1vrdPyd4tuF7FEc7JIJ7LLvjjzjYYz38Y4nK1MLptlZlo4ZxPnxjMbuWbO2cTfGa02Ludu4dZtFra1aOVwrYUrw2YtHC2Hm9ls4ZxYHG7R62O6bUa-3XC0b6yWw8lwuBkO943VcjgZDjfD4b5DZ_iuPmejNG2wdWxShfCsfchMB4XLYPH-JKbFtDs7-DYX5dPnUy-LOqPw1j16DQrPwaM6DY_HpfO4DEtzB0UsEZwu0onoZTxdxBLJ0yKdqDzGmW_km9mMC5fHsTLNNiabaeNwjUweh2G38EzEEqXpIp3opS7P5-WW-u0uz1_o972FDo_XZfm8FZaXW3N6OcxOu88tdN1NlpfJ89bb3Gqn2ez02z1vvc0t8pvNDsvnLbP83W7dw3N02n2mv92turvchrPf-XbZTW_N83N6uS3qPzrMbq6YDOaSxW4umQxWCQAAAAAAAABgCXPmTQAAAABOg5htZpvdcgEeEMN0f7A14ICFbOF3iU2mS1LvlsqLGz9eGL_xrXVa_m7R7cybPRPEWq2WNQAAgAA2AABAALdu3gJCITk!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
date: Mon, 24 Aug 2020 16:59:49 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3405

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 71ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7uYICFgMyQhGrP164qwQyQhGrP164qwUAAAAGBvQHG0UbbWYUDoMyWe4Ww-FkNljuZpvBcDJZDmGjaKPNjMJhUCbL3WI4nKyWw8lyt5pMBqsprBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPQe1mmH5GA2SwWK3hj00nQ6f616vdVr-vrnG7_ZLXZ7Pyy31212ev9DvewsdHq_L8nkrLC-35vRymJ12n1voupssL5Pnrbe51U6z2em3e956m1vkN5sdls9bZvm73bqH5-i0-0x_u1t1d7kNZ7_z7bKb3prn5_Ry--UAAAAA8ACghLkN8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABQMC1pQEAxVFwL5PL7A8AgIcCEACAAQUSAIG_mhIAD4qlEwAAAAAAAAAAlv____8YgLzrFBmADK2gHoAHH4AHogLFIkYAAAAAJXjZ3EeTOqGyqAIAIEi3ArgCAAigC0kbCwgDAAAQGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCVlHsaUEbXClqv4AAAGu_gAAAbOoGAPAmABd0BjVaDQaD1RHQZjCZHQAAAMDd____vx4Iznyj4cy3MQ5nK5PLZpmZFs7ZxLnxzEaumXM28V5P0350Pq1Bb1-LsMx-30FBOT09ZpdBVHS9LXaH0-w5qNUMy8dokAwWu4H4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgzo9XG5dwt3LrNwrYWrRyutXBl2KyFo-VwM5stnBOLwy16fUy3zci3G462KBggtxfBRTrR-I1vrdPyd4tuF7FEc7JIJ7LLvjjzjYYz38Y4nK1MLptlZlo4ZxPnxjMbuWbO2cTfGa02Ludu4dZtFra1aOVwrYUrw2YtHC2Hm9ls4ZxYHG7R62O6bUa-3XC0b6yWw8lwuBkO943VcjgZDjfD4b5DZ_iuPmejNG2wdWxShfCsfchMB4XLYPH-JKbFtDs7-DYX5dPnUy-LOqPw1j16DQrPwaM6DY_HpfO4DEtzB0UsEZwu0onoZTxdxBLJ0yKdqDzGmW_km9mMC5fHsTLNNiabaeNwjUweh2G38EzEEqXpIp3opS7P5-WW-u0uz1_o972FDo_XZfm8FZaXW3N6OcxOu88tdN1NlpfJ89bb3Gqn2ez02z1vvc0t8pvNDsvnLbP83W7dw3N02n2mv92turvchrPf-XbZTW_N83N6uS3qPzrMbq6YDOaSxW4umQxWCQAAAAAAAABgCXPmTQAAAABOg5htZpvdcgEeEMN0f7A14ICFbOF3iU2mS1LvlsqLGz9eGL_xrXVa_m7R7cybPRPEWq2WNQAAgAA2AABAALdu3gJCITk!&cmcv=&pix=31589837&cb=1598288389496&uv=28131&tms=1598288389496&abt=expl_vZ!ntvc_vA!scpmr_vB!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1598288385300.303!ts:1598288389496&mntl=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 24 Aug 2020 16:59:49 GMT
server: nginx
content-length: 0

GET
H2 200 st
imprammp.taboola.com/ 0
64 B 17ms
16ms Image
text/plain 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7uYICFgMyQhGrP164qwQyQhGrP164qwUAAAAGBvQHG0UbbWYUDoMyWe4Ww-FkNljuZpvBcDJZDmGjaKPNjMJhUCbL3WI4nKyWw8lyt5pMBqsprBjLZTKoBRKW2e87KCinp8fsMoiKrrfF7nCaPQe1mmH5GA2SwWK3hj00nQ6f616vdVr-vrnG7_ZLXZ7Pyy31212ev9DvewsdHq_L8nkrLC-35vRymJ12n1voupssL5Pnrbe51U6z2em3e956m1vkN5sdls9bZvm73bqH5-i0-0x_u1t1d7kNZ7_z7bKb3prn5_Ry--UAAAAA8ACghLkN8QMIABABAAAAIAEAAABAEVDxbyFwAQAAAIABQMC1pQEAxVFwL5PL7A8AgIcCEACAAQUSAIG_mhIAD4qlEwAAAAAAAAAAlv____8YgLzrFBmADK2gHoAHH4AHogLFIkYAAAAAJXjZ3EeTOqGyqAIAIEi3ArgCAAigC0kbCwgDAAAQGFugh8XvNzvsGr_bZQAAAAAAAAAAZv9n_2hCVlHsaUEbXClqv4AAAGu_gAAAbOoGAPAmABd0BjVaDQaD1RHQZjCZHQAAAMDd____vx4Iznyj4cy3MQ5nK5PLZpmZFs7ZxLnxzEaumXM28V5P0350Pq1Bb1-LsMx-30FBOT09ZpdBVHS9LXaH0-w5qNUMy8dokAwWu4H4oGFYTgbB_CZsMVpNJpvlcLZcTAbD0XA02p8AbgY4QcPhYLEbLHaLxXCymIwGy8ECBWIwwQkZjjaT1Wi32k2Ww8loNNtMNkjRqtVstBkMV7PJbLdbDQfD5WiEFK1ZzCaTxWy03G0Gy8loMJwMhwgzo9XG5dwt3LrNwrYWrRyutXBl2KyFo-VwM5stnBOLwy16fUy3zci3G462KBggtxfBRTrR-I1vrdPyd4tuF7FEc7JIJ7LLvjjzjYYz38Y4nK1MLptlZlo4ZxPnxjMbuWbO2cTfGa02Ludu4dZtFra1aOVwrYUrw2YtHC2Hm9ls4ZxYHG7R62O6bUa-3XC0b6yWw8lwuBkO943VcjgZDjfD4b5DZ_iuPmejNG2wdWxShfCsfchMB4XLYPH-JKbFtDs7-DYX5dPnUy-LOqPw1j16DQrPwaM6DY_HpfO4DEtzB0UsEZwu0onoZTxdxBLJ0yKdqDzGmW_km9mMC5fHsTLNNiabaeNwjUweh2G38EzEEqXpIp3opS7P5-WW-u0uz1_o972FDo_XZfm8FZaXW3N6OcxOu88tdN1NlpfJ89bb3Gqn2ez02z1vvc0t8pvNDsvnLbP83W7dw3N02n2mv92turvchrPf-XbZTW_N83N6uS3qPzrMbq6YDOaSxW4umQxWCQAAAAAAAABgCXPmTQAAAABOg5htZpvdcgEeEMN0f7A14ICFbOF3iU2mS1LvlsqLGz9eGL_xrXVa_m7R7cybPRPEWq2WNQAAgAA2AABAALdu3gJCITk!&cmcv=&pix=undefined&cb=1598288389496&uv=28131&tms=1598288389496&abt=expl_vZ!ntvc_vA!scpmr_vB!spa2_vB!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E643FBCA2297188260976308229&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish
server: nginx
x-timer: S1598288390.509638,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-hhn4027-HHN

GET
H/2+Q/46 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86D3 0
21 B 46ms
45ms Image
image/gif 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvjzIhcoiChrbKtfkfYwCnQ7olRS-mFL14m0lKv0PZlW4YGw_qw1s71OCmC4h8pYIfIRdIe7XaVxzPdVSa0SGWPnvGvp6NPpUVNdVKiQ7PYzWXVfVYTNT7lAaAC0yORCWhTBENrHPeF8S0pulB3sImxh5YXmOnvmplp6JFiVnct8lOGJFP0GdPFz4aDZhQ0tg0LnpjtodkyTGwlRsPxESBycFl4Mb-AujExKOzIoZmHfEwEI2yD4-ek-j_a-FST7icgH96lRpyJYQ-AkMUFbztGW7Iy-rHeGYadDPS69ISbnYtxLxY1&sig=Cg0ArKJSzMMmjgM56ApYEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:49 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 86D3 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe0a75c50a6d6220387a6c19ecb106a0b674eb8dafdfa6cf25862cf6ba11042f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=null Show response
pr.realvu.net/flip/2/ 1 KB
887 B 103ms
102ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=null
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3b9224aa15235fc040d8dd729a59e690dcd7c9c4c781c791b451ce6efb8e1d59

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 595
X-Proxy-Cache: BYPASS

GET
H/1.1 200
OK prebid3.23.js Show response
pr.realvu.net/ 197 KB
61 KB 104ms
104ms Script
application/javascript 35.168.135.69
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/prebid3.23.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.135.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-135-69.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:49 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Aug 2020 11:26:49 GMT
Server: nginx
ETag: "5f3d0c79-f337"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=43200
Connection: keep-alive
Content-Length: 62263

POST
H2 200 adreq Show response
ads.servenobid.com/ 109 B
380 B 108ms
33ms XHR
application/json 18.203.164.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.servenobid.com/adreq?cb=2668
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.203.164.24 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-203-164-24.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 6eb5eb8b7462c62b8bc7104df21bf98d1e4c9c923d6f29e1e951de02d0bb7bcf

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 24 Aug 2020 16:59:49 GMT
content-encoding: gzip
amp-access-control-allow-source-origin: *
status: 200
vary: accept-encoding
content-type: application/json
access-control-allow-origin: https://www.kiro7.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
1 KB 307ms
307ms XHR
application/json 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=518771&v=7.2&r=%7B%22id%22%3A%223a69ad88b778ec%22%2C%22imp%22%3A%5B%7B%22id%22%3A%224c60ca1f9fd92f%22%2C%22ext%22%3A%7B%22siteID%22%3A518771%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22durationmedia.net%22%2C%22sid%22%3A%2221851507967%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7f70647d4985ee8c70d321b5bf33eb32fc29a907e51f413ce47c84a0ca3c2a1c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 24 Aug 2020 16:59:50 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 24 Aug 2020 16:59:50 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 0
1 KB 190ms
119ms XHR
application/json 185.86.139.95
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.95 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:49 GMT
x-smrt-d: 6%3b14%3b110
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 167ms
98ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Mon, 24 Aug 2020 16:59:50 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: https://www.kiro7.com

POST
H2 204 bulk Show response
trc.taboola.com/cox-kiro-tv/log/3/ 0
425 B 30ms
29ms XHR
image/gif 151.101.113.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200824-16-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.113.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 17
date: Mon, 24 Aug 2020 16:59:49 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-hhn4027-HHN
pragma: no-cache
server: nginx
x-timer: S1598288390.903917,VS0,VE17
content-type: image/gif
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK config.js Show response
confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/ Frame 8894 90 KB
19 KB 26ms
7ms Script
text/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9afdd16a314612c510fb54f1078d419b67b30629dbffd9248494e6dde0ba9f5d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:50 GMT
Content-Encoding: gzip
Age: 486
X-Cache: HIT
Connection: keep-alive
Content-Length: 18875
x-amz-id-2: 2cLfQytRxy67R4nuvpJ13te3gPjNIkmQ0syaRHAc1CUVPYjkZeVYDW/QNRGxUyForXOzJ5vC3Ew=
X-Served-By: cache-fra19139-FRA
Last-Modified: Mon, 24 Aug 2020 16:48:50 GMT
Server: AmazonS3
X-Timer: S1598288390.218387,VS0,VE0
ETag: "7b6bed8d0612861a09150bf806b918b6"
x-amz-request-id: 21E2789F079FD687
Via: 1.1 varnish
Cache-Control: public, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Type: text/javascript
X-Cache-Hits: 30

GET
H/2+Q/46 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8894 54 KB
18 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c90ee39dae67c3684cbfe221f5d7b05a03ceadc644c4aa573a7ba7bb2db7afb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "611 / 146 of 1000 / last-modified: 1598281714"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18623
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 76D6 42 B
175 B 49ms
49ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstA5MdBlFr-5Rm-gxA2j3-Q-lpF1mn83p3qvh9a0akXJMs0r0Td1XkbVPqZJp-6h7h0QvLyThRs78_trZGwJzs7AzqgvWQgFwXPl0NYBuw&sig=Cg0ArKJSzFpB059y-XHKEAE&adk=900422085&tt=-1&bs=1600%2C1200&mtos=1021,1021,1021,1021,1021&tos=1021,0,0,0,0&p=166,436,256,1164&mcvt=1021&rs=0&ht=0&tfs=126&tls=1147&mc=1&lte=-1&bas=0&bac=0&met=mue&avms=nio&niot_obs=2&niot_cbk=11&md=2&btr=0&cpmav=0&lm=2&rst=1598288389000&dlt&rpt=56&isd=0&msd=0&xdi=0&rxlist=1&ps=1600%2C6647&scs=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-2-10-10-0-0-0&tvt=1146&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200819

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/gpt/202008071611/ Frame 8894 155 KB
49 KB 8ms
8ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008071611/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dbc7f6982e20a0cd136f325464b938a578a47a277a2efeb89481ea3e8db53c06

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:50 GMT
Content-Encoding: gzip
Age: 170
X-Cache: HIT
Connection: keep-alive
Content-Length: 49918
x-amz-id-2: TtplaK6H7QByEqGxxCS6RlkBYnX6Xwm3fY8HWMUU7qMEX32YYmRDNqtqnEu+S8o9oK2Ben3o6d8=
X-Served-By: cache-fra19139-FRA
Last-Modified: Fri, 07 Aug 2020 20:41:04 GMT
Server: AmazonS3
X-Timer: S1598288390.266961,VS0,VE0
ETag: "cbb706134ddbfd981b03880b07202f93"
x-amz-request-id: 0ED66B361823E7C1
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 225

GET
H/1.1 200
OK wrap.js Show response
confiant-integrations.global.ssl.fastly.net/prebid/202008071611/ Frame 8894 69 KB
22 KB 19ms
7ms Script
application/javascript 151.101.13.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://confiant-integrations.global.ssl.fastly.net/prebid/202008071611/wrap.js
Requested by: Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/5rVB4DsPmtXrz0O1uUnRC1WH1to/gpt_and_prebid/config.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.13.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58f46c96db4b54e9935ad6ccea5a2f69098dc3c70dd8e83f6fee8799108c98cc

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:50 GMT
Content-Encoding: gzip
Age: 114
X-Cache: HIT
Connection: keep-alive
Content-Length: 22427
x-amz-id-2: NB6efxbK43hWgIDckdKjmfXQ5NUv9vOdu/BOd/fJhiqFaxCX9GJkKNaUpVAt66A8nAuAmfNIMi4=
X-Served-By: cache-fra19153-FRA
Last-Modified: Fri, 07 Aug 2020 20:41:06 GMT
Server: AmazonS3
X-Timer: S1598288390.279641,VS0,VE0
ETag: "fb2254bbf3b7c3a1a6a284985c70088b"
x-amz-request-id: F553DBF935194F40
Via: 1.1 varnish
Cache-Control: public, max-age=31536000
Accept-Ranges: bytes
Content-Type: application/javascript; charset=utf-8
X-Cache-Hits: 65

GET
H/2+Q/46 200 pubads_impl_2020081901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8894 258 KB
91 KB 41ms
41ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

sffe /

Resource Hash

8210024f80e448628a3d3a0ad3e739512711dc9d61d10301b1b19da61ee83cbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 19 Aug 2020 08:40:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92737
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H/2+Q/46 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8894 109 B
126 B 77ms
61ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/2+Q/46 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8894 109 B
807 B 76ms
61ms Script
application/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8894 6 KB
3 KB 273ms
272ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3552487236147453&correlator=2507843688659246&output=ldjh&impl=fif&eid=21066928%2C21067045%2C21067119%2C21063669%2C21066993%2C21067108&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=21688424927%2Ccoxmediagroup%2Ckiro7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=6&cookie=ID%3D7403aed66e65bc6e%3AT%3D1598288388%3AS%3DALNI_Mb8osbaXsYbDdIwd4LcOk1Q6wkf_g&cdm=www.kiro7.com&bc=31&abxe=1&lmt=1598288390&dt=1598288390376&dlt=1598288390189&idt=179&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1235&adys=592&adks=1324954882&ucis=mccy8hk1792n&ifi=1&ifk=2066112500&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=kiro7.com&loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&top=www.kiro7.com&dssz=8&icsg=10250&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=694419820.1598288390&ga_sid=1598288390&ga_hid=141429122&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

4db3ebd2115713baabb36eda0bf928f6abde6e71b3bb73f61d1fee98c39c3041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3026
x-xss-protection: 0
google-lineitem-id: 5212383521
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138293183731
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 8894 0
0 99ms
14ms Other
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/2+Q/46 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 8894 0
0 6ms
6ms Other
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js
Protocol: HTTP/2+QUIC/46
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 wxwidget.measurement.js Show response
widgets-green.media.weather.com/chunks/ 2 KB
1 KB 91ms
50ms Script
text/javascript 2a02:26f0:6c00:28d::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-green.media.weather.com/chunks/wxwidget.measurement.js?v=32fc4b97e2c206e3a91b

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:28d::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.16.1
status: 200
etag: W/"8d8-w3oHgFZXhvm52E/hPRrBHj8QoTg"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=557
date: Mon, 24 Aug 2020 16:59:50 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 969
expires: Mon, 24 Aug 2020 17:09:07 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/32816940/ 0
400 B 8ms
8ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/32816940/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 24 Aug 2020 16:59:50 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Thu, 27 Aug 2020 16:59:50 GMT

GET
H/2+Q/46 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a15de10bee346831d302ef600b2197b0b5c711268d751370ea5761a88806149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6262
x-xss-protection: 0

GET
H/2+Q/46 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H2

200

1
twcimaxweb.112.2o7.net/b/ss/twcimaxweb/
Redirect Chain

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

43 B
0

23ms
21ms

Fetch
image/gif

15.236.175.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.175.233 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
x-content-type-options: nosniff
x-c: master-1337.If22631.M0-435
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 25 Aug 2020 16:59:50 GMT
server: jag
xserver: anedge-7b958987b-6qtlt
etag: 3432298182398541824-4614405497940560470
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 23 Aug 2020 16:59:50 GMT

Redirect headers

date: Mon, 24 Aug 2020 16:59:50 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.kiro7.com
x-c: master-1337.If22631.M0-435
p3p: CP="This is not a P3P policy"
status: 302
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 25 Aug 2020 16:59:50 GMT
server: jag
xserver: anedge-7b958987b-z4v2m
content-type: text/plain;charset=utf-8
location: https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 23 Aug 2020 16:59:50 GMT

POST
H2 204 /
6852bd07.akstat.io/ 0
201 B 382ms
379ms Other
image/gif 2a02:26f0:6c00:298::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://6852bd07.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:298::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:50 GMT
status: 204
content-type: image/gif
access-control-allow-origin: https://www.kiro7.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 2360 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 24 Aug 2020 16:20:25 GMT
expires: Tue, 24 Aug 2021 16:20:25 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2365
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET view
securepubads.g.doubleclick.net/pcs/ Frame 4DF7 0
0

GET osd_listener.js
www.googletagservices.com/activeview/js/current/ Frame 4DF7 0
0

GET
H/2+Q/46 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8894 71 KB
26 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1597858973492819"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27037
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H/2+Q/46 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8894 8 KB
6 KB 18ms
18ms XHR
application/json 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020081901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2bd16fae7d062b7991b9d7e2c1bdd4d65d00876878aba420715d0e4f058bb34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6234
x-xss-protection: 0

GET
H/2+Q/46 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8894 14 KB
8 KB 273ms
273ms XHR
text/plain 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3552487236147453&correlator=2507843688659246&output=ldjh&impl=fif&adsid=NT&eid=21066928%2C21067045%2C21067119%2C21063669%2C21066993%2C21067108&vrg=2020081901&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200824&iu_parts=64387298%2Cdurationmedia%2Ckiro7&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&eri=6&cookie=ID%3D7403aed66e65bc6e%3AT%3D1598288388%3AS%3DALNI_Mb8osbaXsYbDdIwd4LcOk1Q6wkf_g&cdm=www.kiro7.com&bc=31&abxe=1&lmt=1598288390&dt=1598288390683&dlt=1598288390189&idt=179&ea=0&frm=23&biw=1600&bih=1200&oid=3&adxs=1235&adys=592&adks=3314034807&ucis=wvm469d06jns&ifi=2&ifk=2066112500&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=kiro7.com&loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&top=www.kiro7.com&dssz=3&icsg=2&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x250&msz=0x250&ga_vid=694419820.1598288390&ga_sid=1598288390&ga_hid=141429122&fws=256&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s22-in-f2.1e100.net

Software

cafe /

Resource Hash

9ec9e3cb9c4d4277f7650d26d92a118f378007b112a66897e5cfc405c232f767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8291
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8894 14 KB
5 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 24 Aug 2020 16:59:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 24 Aug 2020 16:59:50 GMT

GET
H/2+Q/46 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame B287 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 4590
date: Mon, 24 Aug 2020 16:20:25 GMT
expires: Tue, 24 Aug 2021 16:20:25 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2365
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
118 B 39ms
39ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020081901&jk=627944672165184&bg=!z8ylzNRYyKWLvLayDZ8CAAAATlIAAAAemQGkY7aRpg3v9wswn-S41qk2MFDWEHV4PHEALXo7tjFMRDvRq6wHjHrLX4qf-De618ZL8Qcn1TAYUQSPaXL_8-VXmApgN2fSWJheKd7C1-HU6-LIQlIxBR1fXyU1a5z0D4u0gqD1HkAGs_yTSHhulZd0Rm-nGEyOh7s6hiep9zOx4rPrh--pebu-SszTJp5zdA_I1jY5dv_sbewnk1_Ti1BB-ycjCD7sDC6F8ohx1aShP7mT4xikzWleD7dQ8aGwPAA0MrjtVikSoL_2REKUsQhAoRx3BJnkVDEWjO8q3Bgu9uux2n95SQb7IXTTgTUVhxwdIFqm8Xh9Er6gGR_zkeRhfZNqWz-ncUMj-J_rlh51yzKkKg8dDDnLVLDQKOzbCufhNC3QuGUu9eCw2T0T6yCSaxZaXdfwbaZ0n2M8vDPgTcbAdGVgrIGVdQIM8tYK2pSnxhAwkR5tIB-iMPgmBIDGdqjF6GNwJz-9xet9hQZfT3Zp2zPunh5wRNBeo22zJEV8R2b0gK_tu_-6s81-H4Ms36lvlw32olum_Fspk5UAS3N68hab

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8894 0
22 B 40ms
39ms Image
image/gif 2a00:1450:4001:81d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020081901&jk=3552487236147453&bg=!4eKl4vpY1N3uDQWxnAQCAAAAPFIAAAAKmQG78DPAB99na7sAbs5PyOC1AhXJbugw5j93oCkLl15TIukIObtm6fUcgO_ZXx7tfmtHi_kU35S3-3FUwcmS1Q0cbaLx0qwY6HmzNkZ3s2AqL7BkYaKNgcRQ3uQ_cpNXb8MN_7fWtQL_qsCqCnzfzkP17yxZWw2Km5AsvQpqSEOviVNbTRflGHxSMenfCt6RBEXGWtrCFGjAVxXfmc_NeRCvaHPpyLTndxvx31RAGsYWfgv-NMx_BT7mHdCDBGfBP5sUXU7ZqEjzEkWVp9iEoZcxLlnz3_bTC8UcssIvVfkBFaeHHMG901cPJG0hS4rTwrVMNc0Vpyn4KW36hZJX16bJovSwt9xQexK9KGraW7C8uRoyVFlpzldGR_IfAzlScn_eFfbiGz9U7gXbB_ooUKK5JyJIP-5BPsHgZnP3foVDFeVwjscbhF3OOwGbyFE-wFMXcDBjdP2C7yorCKz-iTctrNugGEUIAX7z-tZ4M3okF2tR5KTvJR_G4EDP90dZ6UJqMGKURRHeVBcw_VNPtcSkosN1AgV2o5U1r5lqj2noUf8Rl5P8SsiEOdNXaznpfYDFEBl82hoD03ojG3A

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 24 Aug 2020 16:59:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/2+Q/46 200 container.html
9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame D779 0
0 27ms
13ms Document
text/html 2a00:1450:4001:817::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1

Requested by

Host: confiant-integrations.global.ssl.fastly.net
URL: https://confiant-integrations.global.ssl.fastly.net/gpt/202008071611/wrap.js

Protocol

HTTP/2+QUIC/46

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:817::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 2973
date: Mon, 24 Aug 2020 16:59:50 GMT
expires: Tue, 24 Aug 2021 16:59:50 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame EA83
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

0
0

19ms
19ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=09de2321-d68a-0dc0-16b8-5880b6de795c|1598288391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=09de2321-d68a-0dc0-16b8-5880b6de795c|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1598288391|gekin0vNiygu; Version=1; Expires=Tue, 08-Sep-2020 16:59:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 24 Aug 2020 16:59:51 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=09de2321-d68a-0dc0-16b8-5880b6de795c|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
date: Mon, 24 Aug 2020 16:59:51 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame FC08
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

0
0

19ms
19ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=a3ad103d-8013-0af1-14b1-f493c9d6953e|1598288391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=a3ad103d-8013-0af1-14b1-f493c9d6953e|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1598288391|gekin0vNiygu; Version=1; Expires=Tue, 08-Sep-2020 16:59:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 24 Aug 2020 16:59:51 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=a3ad103d-8013-0af1-14b1-f493c9d6953e|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
date: Mon, 24 Aug 2020 16:59:51 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2

200

pd
eu-u.openx.net/w/1.0/ Frame 2AAE
Redirect Chain

https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1

0
0

31ms
30ms

Document
text/html

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.192.1 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ff040f91-fd2f-0e6f-3dda-137e781bc87f|1598288391
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=ff040f91-fd2f-0e6f-3dda-137e781bc87f|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1598288391|gekin0vNiygu; Version=1; Expires=Tue, 08-Sep-2020 16:59:51 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 24 Aug 2020 16:59:51 GMT
content-type: text/html
content-length: 419
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

status: 302
set-cookie: i=ff040f91-fd2f-0e6f-3dda-137e781bc87f|1598288391; Version=1; Expires=Tue, 24-Aug-2021 16:59:51 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.192.1
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://eu-u.openx.net/w/1.0/pd?cc=1&plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=1
date: Mon, 24 Aug 2020 16:59:51 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame 6943 0
0 35ms
14ms Document
text/html 104.111.215.68
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.68 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-68.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=44086
Expires: Tue, 25 Aug 2020 05:14:39 GMT
Date: Mon, 24 Aug 2020 16:59:53 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame E1BA 0
0 32ms
11ms Document
text/html 104.111.215.135
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.215.135 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-135.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Mon, 24 Aug 2020 16:59:53 GMT
Connection: keep-alive

GET
H2 200 sync.html
public.servenobid.com/ Frame EAEB 0
0 46ms
14ms Document
text/html 13.226.155.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.226.155.128 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-128.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
last-modified: Sat, 01 Aug 2020 20:33:29 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 24 Aug 2020 01:14:12 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 0406d08716a9781a5c19ff86db2debd3.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
x-amz-cf-id: yO69zRpAjqtUuGHGSDIAsnQd8Eahb4JDmpMrjII0X9tIjU0spqi-Lw==
age: 56742

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 118ms
118ms Image
image/gif 52.201.74.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=video%40kiro7.com&g=31585&p=https%3A%2F%2Fc3.taboola.com%2Flibtrc%2Fstatic%2Fvideo%2Ft_PERFORMANCE_VIDEO_DEFAULT%2Fv1598256853%2Fkilqlzqkgacobjwogeyt.mp4&i=&g0=news&u=D9DAG9DcuftDmnxFp&t=BeB0jXBZHXgQaevCHCrGb5SChZRAG&x=0&y=0&V=120&VS=H5&n=1&b=5174&r=&_vd=8100&_vi=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&_vp=kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&_vh=kiro7.com&_pu=NlwuhJd-ETCMfuBd&_pt=DUg_k4C-KeuXC0Qw9nB3QDOkDximjL&_pr=&_vdd=kiro7.com&_vt=ct&_vs=s1&_vcs=0&_vbr=-1&_vvs=0.002&_vpt=67&_vaup=auto&_vce=0&c=0&W=0&R=0&I=1&E=0&j=75&tz=-120&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.74.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-74-173.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 24 Aug 2020 16:59:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
102ms Image
image/gif 52.201.74.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=NlwuhJd-ETCMfuBd&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0.1&x=0&m=0&y=6647&o=1600&w=1200&j=30&R=1&W=0&I=0&E=6&e=6&r=&b=2921&t=DUg_k4C-KeuXC0Qw9nB3QDOkDximjL&V=120&tz=-120&_vi=&_vp=https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598256853/kilqlzqkgacobjwogeyt.mp4&_vdd=video%40kiro7.com&_vs=s1&_vt=ct&_vap=&_vtn=&_vd=8100&sn=2&sv=DipNwmDUciiWDMQ0jnDyvJHsR9ZrL&sd=1&im=067b2ffa&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.74.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-74-173.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 24 Aug 2020 16:59:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 101ms
101ms Image
image/gif 52.201.74.173
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=NlwuhJd-ETCMfuBd&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6647&o=1600&w=1200&j=30&R=1&W=0&I=0&E=10&e=4&r=&b=2921&t=DUg_k4C-KeuXC0Qw9nB3QDOkDximjL&V=120&tz=-120&_vi=&_vp=https://c3.taboola.com/libtrc/static/video/t_PERFORMANCE_VIDEO_DEFAULT/v1598256853/kilqlzqkgacobjwogeyt.mp4&_vdd=video%40kiro7.com&_vs=s1&_vt=ct&_vap=&_vtn=&_vd=8100&sn=3&sv=DipNwmDUciiWDMQ0jnDyvJHsR9ZrL&sd=1&im=067b2ffa&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.201.74.173 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-201-74-173.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 24 Aug 2020 17:00:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3fYlbBOdJjBxUFAth7RPp9ZP-BDl53PdJX-sYgJgI3z_2CwcK4uhCehZsyf8Mup7CwgoQMjodqifedkEe4zMOx1adjTxouz07qlDFvMHnjaScT4HkjytdwCzDUeaqa0cX0IJaBSWuhG2BtKf6D31-pQK9LiyoDR04wbJ2nhyttTaD_QIxbtpSUa68w5BhgSnn6vm6qKzcD65KzIZwAumof_rOg-asKo-MdHE0LzRMXYi1cddE1vNs45jBcWZNScbqnC0rEnqB7g0&sig=Cg0ArKJSzBpsZTxyOJnTEAE&urlfix=1&adurl=

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Verdicts & Comments Add Verdict or Comment

293 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.smartadserver.com/	1970-01-19 21:28:22	Name: pdomid Value: 14
.smartadserver.com/	1969-12-31 23:59:59	Name: vs Value: 333026=4021499
.taboola.com/	1970-01-19 20:43:44	Name: t_gid Value: 345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784
.kiro7.com/	1970-01-20 05:29:20	Name: __gads Value: ID=7403aed66e65bc6e:T=1598288388:S=ALNI_Mb8osbaXsYbDdIwd4LcOk1Q6wkf_g
.smartadserver.com/	1970-01-19 21:28:22	Name: pid Value: 5953415748721540123
www.kiro7.com/	1970-01-19 20:43:44	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D345ce97a-73a6-4ea5-8e03-8498366a9bba-tuct63d7784
www.kiro7.com/	1970-01-19 11:58:10	Name: _tb_t_ppg Value: https%3A//www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
www.kiro7.com/	1970-01-19 11:58:10	Name: _cb_svref Value: null
www.kiro7.com/	1970-01-19 21:26:56	Name: _chartbeat2 Value: .1598288388211.1598288388211.1.DipNwmDUciiWDMQ0jnDyvJHsR9ZrL.1
www.kiro7.com/	1970-01-19 21:26:56	Name: _cb Value: NlwuhJd-ETCMfuBd
.kiro7.com/	1970-01-23 03:34:08	Name: xdibx Value: N4Ig-mBGAeDGCuAnRIBcoAOGAuBnNAjAKwCcAHAExlkDMZJADAGxEA0IGAbrAHbaHtc-VMXJVa9Zmw6dcvfiPaIkAGzQgQ7FavUB6AFYBTIYYC0-gPY9jugBYWA7qdsBDWAGtDiXKZeIzuNiGLioAljwA5s7wPAAm.rE-FgBmpgC2oSphVkmpsRZZfj7JiBZppg4uuLbhEdhWpjGGaRgqFgCeaYZ8pvhaeISklNR0jCwAvuwQMBj-nGigsS7twgDaosMSjADsZAC6k-BQ0Iac3QPoh9NwobHq28mwkMkE2xSmRLBPpgAsDMk0XxMWJMUxkZIMBiwKE0JjbBiAjbiOhkH7kEDjIA_
.smartadserver.com/	1970-01-19 11:59:34	Name: sasd2 Value: q=%24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D10178%3B%24qt%3D25_632_7994t%3B%24dma%3D0&c=1&l=562040528&lo=-2087804682&lt=637338923899627017&o=1
www.kiro7.com/	1970-01-19 11:58:10	Name: _tb_sess_r Value:
.smartadserver.com/	1970-01-19 11:59:34	Name: sasd Value: %24qc%3D1311284246%3B%24ql%3DUnknown%3B%24qpc%3D10178%3B%24qt%3D25_632_7994t%3B%24dma%3D0
www.kiro7.com/	1970-01-19 21:26:56	Name: _cb_ls Value: 1

15 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: ' { "@context": "http://schema.org", "@type": "NewsArticle", "mainEntityOfPage": { "@type": "WebPage", "@id": "" }, "headline": "How hackers are stealing hundreds of millions of dollars from Washington’s unemployment system", "datePublished": "2020-05-22T00:45:56Z", "dateModified": "2020-05-22T00:45:56Z", "articleBody": "Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response.“Someone else had used my social security number and it also showed a strange email address,” says Dawn.Dawn is one of a growing number of victims of "impostor fraud" through the Employment Security Department, which administers unemployment benefits.ESD would not give precise figures, but now admits tens of thousands of fraudulent accounts have been created, and hundreds of millions of dollars have been paid out to impostors through May 21. Those numbers are for Washington alone, and may rise as more individuals and businesses come forward to report fraud.Federal investigators appear to be focusing on a cybercrime conglomerate in Nigeria. Armen Najarian, Chief Identity Officer with Silicon Valley-based internet security company Agari, has been tracking them, too.“They’re very good at what they do and they’ve been doing it for a long time,” says Armen.Agari has connected more than 140 of the first 700 fraudulent unemployment claims in our state to a Nigerian cybercrime group named Scattered Canary.“They’re diversified. They have a number of lines of businesses. One is business email compromise, where they might impersonate a CEO reaching a CFO asking for an urgent wire transfer,” says Armen. “They’re involved in real estate fraud scams where they are diverting a payment or mortgage transfer.”Armen says the group has found a way to have a single scammer obtain, and then use, hundreds of Gmail accounts to fraudulently apply for unemployment benefits using stolen social security numbers and other personal information. He adds that the Washington Employment Security Department’s rush to pay applicants may have made things easier for the thieves.“The law of unintended consequences, right? What was intended to be a pro-citizen policy has perhaps been exploited because maybe there wasn’t [sic] the in-depth verification checks that have existed if it wasn’t more locked down,” says Armen.The Commissioner of the Employment Security Department says additional measures recently put in place have blocked "hundreds of millions" in additional fraudulent claims, but would not explain how she got that number.Mike Hamilton, with the Seattle-based internet security company CI Security, has also been following the Scattered Canary developments. He believes American authorities may have to consider new incentives for countries known to harbor cyber-criminals, to prevent those groups from attacking american targets.“If we treat our logical borders like we treat our physical borders. and say you can’t control all the crime in your country that’s sucking money out of my country – great! We’re going to cut off legitimate business at the border router and we’re going to let your business community howl at you until you clean up your problem,” says Mike.And that could help cyber crime victims like Dawn get the benefits they desperately need.“It’s hard because I’ve gone through a lot of money on my own when I could have been receiving unemployment,” says Dawn. “A lot of savings for my retirement, so I’m going to be working when I’m 80.”You can check out our previous reporting for a checklist to see if you’ve been victimized, report the fraud, and protect your identity.UPDATE: Washington’s Employment Security Department says the Department of Justice is leading the fraud investigation. Here is a statement their Seattle office sent us after our story ran:“In any fraud investigation and prosecution, our focus is on finding and securing the proceeds of crime, so that we can return them to their rightful owner. This investigation is no different. A team of federal law enforcement agents is working hard to identify, and recover funds from, accounts that have been used in this fraud. Last week, a diligent financial institution, with which agents were working, was able to prevent $120 million from being distributed to criminals. Agents are assisting in recovering millions of additional dollars, with assistance from scores of other banks and credit unions. I commend the Social Security Administration Office of the Inspector General, the Secret Service, the FBI, and the Department of Labor Office of the Inspector General for their quick and urgent work to reclaim these funds and other criminal proceeds that we are working to identify.”See the rest of our reporting on Washington’s unemployment crisis:Victims of unemployment fraud have assets frozen by bankImpostor fraud continues: Seattle man's information used to apply for unemployment benefits in three statesScammers swoop in, swipe Washington unemployment benefits – and how to protect yourself if you're a victimAt least 55,000 people in Washington wait for unemployment decisionsDelays, denials as Coronavirus fuels demand for unemployment benefits", "author": [ { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } ], "publisher": { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } }, // will be empty for branded publishing "description": "May 21, 2020 Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response. “Someone else had used my social security number and it also showed a strange email address,” says Dawn. Dawn is one of a growing number of […]" } '.
console-api	log	(Line 1) Message: digioh fired
console-api	log	URL: https://membercenter-sdk.cmg.com/sdk/main.min.js(Line 287) Message: [MemberCenter] SDK fetching tenantConfig
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[970,90],[728,90]],[[728,90]],[[320,50]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250],[300,600]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020081901.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: Scanner Online

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
6852bd07.akstat.io
9f7f13ec165e9a529de1dbdd42c98c42.safeframe.googlesyndication.com
a1b54cb1d5fc1f521fa76da0dc15e5c3.safeframe.googlesyndication.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
as-sec.casalemedia.com
bit.ly
c.amazon-adsystem.com
c.go-mpulse.net
c3.taboola.com
cdn.taboola.com
confiant-integrations.global.ssl.fastly.net
connect.facebook.net
coxmediagroup-d.openx.net
d.adtriba.com
d2s8wlbatk24s7.cloudfront.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
includemodal.com
includemodal.global.ssl.fastly.net
jadserve.postrelease.com
jessejones.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
loadus.exelator.com
log.outbrainimg.com
mab.chartbeat.com
member-center-api.cmg.com
membercenter-sdk.cmg.com
pagead2.googlesyndication.com
ping.chartbeat.net
pr.realvu.net
prg.smartadserver.com
public.servenobid.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tag.durationmedia.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
trc.taboola.com
twcimaxweb.112.2o7.net
use.fontawesome.com
vidstat.taboola.com
widget.perfectmarket.com
widgets-green.media.weather.com
widgets.media.weather.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kiro7.com
www.lightboxcdn.com
securepubads.g.doubleclick.net
www.googletagservices.com
104.111.215.135
104.111.215.236
104.111.215.68
104.111.216.19
13.226.145.204
13.226.155.128
13.89.172.6
136.144.49.28
141.226.228.48
15.236.175.233
151.101.113.181
151.101.113.194
151.101.113.44
151.101.13.194
151.101.13.44
172.217.18.162
18.203.164.24
185.33.221.50
185.64.189.112
185.86.139.95
2.16.186.170
216.58.212.162
23.111.9.35
23.37.53.17
2600:9000:214f:dc00:a:588b:e680:93a1
2600:9000:2182:5400:10:ce97:9fc0:93a1
2600:9000:2182:7200:18:1fcd:34e:d2a1
2600:9000:2182:7800:16:b34:fdc0:93a1
2600:9000:21f3:a200:d:77c3:2dc0:21
2606:4700::6810:50a5
2a00:1450:4001:801::200e
2a00:1450:4001:802::2008
2a00:1450:4001:802::200e
2a00:1450:4001:806::2003
2a00:1450:4001:806::200a
2a00:1450:4001:809::2004
2a00:1450:4001:817::2001
2a00:1450:4001:81b::2003
2a00:1450:4001:81c::2001
2a00:1450:4001:81c::2002
2a00:1450:4001:81d::2001
2a00:1450:4001:81d::2002
2a00:1450:4001:81e::2003
2a00:1450:4001:821::2002
2a00:1450:4001:825::2002
2a00:1450:400c:c04::9d
2a02:26f0:6c00:191::11a6
2a02:26f0:6c00:28d::3282
2a02:26f0:6c00:298::11a6
2a02:26f0:6c00:2be::3282
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::714
3.134.241.231
34.239.195.15
35.168.135.69
35.244.159.8
52.201.74.173
52.57.212.105
52.86.141.129
67.199.248.10
69.173.144.143
70.42.32.31
92.122.252.200
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08cbd811deac9156d7f1e90bcaa0b69265579482e5be7b961f4008059933c1d6
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0dbaff061afa7cca97c6790c3d6efe09a380c5c60a9e9da759c998b58225c93d
0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
0feb5866e19aaf52096cb0dc3a7908dd94a8c74bbb55f57676f8e77505b2d2a3
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13f33872e3f36dcc60d3f0f9530bd7a2d0cd45695c716d8d506a90eaea8065c6
15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768
16db9077eb1d50fe61d2e1f44f42dfa4d50179330f453677e4a97bb5309b7fd2
1d3e06f60eea3342042e97cb558d8670453c2fdea9c38d2e1e96eb92fcd5fbe1
20d427100fd302f0f4dec437bb8da82a0c6263f06ef060c416bc57981bc6d957
217ab2343844a5006beaf28cb27b50605a35bcb874c4be87888165a01f67bbed
2676d1f82c68c0ff7f00cf46b8c444b5f764c6073037de162f7b680ad5c018b0
2b16ddc2b34d6afd82d3b7632b4d124024bb0865a09f52d9cb5308fc85137b58
2ba72d1da694b90b069bb47b174e1f58af73c7de3ed6ebe680910170b3ad5f5b
2db3814455c16db3eb80d6005bb8556c47dfe6ba3e78c05285344b31ad483715
34b9108be3aefcc177f0f206e4d9f7a2375a579a273c6852cc451abffdc4ec16
36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833
36f7d0d17013fbed1bb9768dc12a15a8834e74740a150d8c65a0f7fa1edede0f
38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b9224aa15235fc040d8dd729a59e690dcd7c9c4c781c791b451ce6efb8e1d59
42b955255ccece0d430ebf7cf813186ece8c1d3b0acf759c0c4532faf1bffc74
44873c516517601e306f25c69b458ff45d5a0e1d75f0bca7a87e2fa15cd57fe8
45e81b26da1dc26926ec6b6cc23969a62efbe2d878ac61d17ce37a0aa3b68199
462af7e56316cbd54775a56daafc59a06cdfd6f8a04d08e70d33e979b629c240
46d85fb8d2387e9618cb4fbc58fcb75be7c2b2b6a7946b26f8bcc4c2421d96aa
4858f428d5d50d739665bdf2662686d9051f885e5eebda7db0c98bc0be7c068f
496ae61b0a03b489e867ab7d0eeea5f22bab9ae851a2e61a790db90d6fed9821
4ad76b80167b5c2d0b658d84ceda8d5320f0c93a7e134e241a4c0b290514b901
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4db3ebd2115713baabb36eda0bf928f6abde6e71b3bb73f61d1fee98c39c3041
4fee9845a7f7aa7d0926481e4cf69447c1c06ab778f8426065a06bfc85ad5118
52352645768c4c5daa8abebb4b8468932a84643e7d8edff47cd0666ec5b008bc
58f46c96db4b54e9935ad6ccea5a2f69098dc3c70dd8e83f6fee8799108c98cc
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5c20d6ffa9bb17f38e3ec89628c13111741bcb11ff62989fc7a595f2b0f57a4b
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5c90ee39dae67c3684cbfe221f5d7b05a03ceadc644c4aa573a7ba7bb2db7afb
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5f31c70d0062c5f56bc779c3bfecd62a70d7d3178d2ed9aea5a014e4af5c2fdb
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
6258018e9f890f2383a09a2be6df7792affd977d856e7247ace8341f5b5487f0
66cfd93f20fe1bb1545202b2138ec00c34d51f2cf915409404f4615560dcf7cb
66f3a1596ff32a4d87cf714e79ae253be77f0839520b45d9bdc0ffbf1f3ec80f
678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f
680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d
68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298
6a15de10bee346831d302ef600b2197b0b5c711268d751370ea5761a88806149
6eb5eb8b7462c62b8bc7104df21bf98d1e4c9c923d6f29e1e951de02d0bb7bcf
706c72a9f65ed8a097429dc32951d072859de50679bb294f84cb7be0de649616
7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2
71cf336486d24b2288bfc4556a213cf915a86fcfb90e5a4299f58b7b1fd32413
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
76439b75e3f2e5b0245aece2b61f2b3f311ebcf32f4b100026b3277026aa0cb3
78f63db954e8d8e0063af3c75acc720f67e96bb2e32d89520579ad028a86ec0c
791a94444efa59632aefb03a83c3c89e281f072dcbeca289ec3375e666cc8642
7a13ee75dc207f9a65442b766c6a68123d2f3b4db81d87c96604bd8dece2fcbd
7ba75fc06ae25752835a529a4934903d0ed6e8d8cc2eee706948cc41fdae3544
7d05ef890122a9ea40886906ff928e735f4b1113bf885fd4a579eb9dcb43a528
7f70647d4985ee8c70d321b5bf33eb32fc29a907e51f413ce47c84a0ca3c2a1c
80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd
8210024f80e448628a3d3a0ad3e739512711dc9d61d10301b1b19da61ee83cbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85fe24e2163fae2bd19d88423d1beede8684e23a9180c575290be20e5ae4a3ec
87adcd951526f566dd8a1eb655a8c4736a3bad8167f6e09a255e54650aeeb655
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
893df2b9ceb653f94333139d561d363bf4c365e651a0a3ade839d96200942e37
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8a9e9f5b2fc3abd86179fc8bbfd5704d1c26759c442fb2f24b1be1386ecbc565
8dab40e5d7a7021a46003d249a36d44dfe99576391181d7f7148266e5e09924e
8e2aa60d03eeb4d2424689ba3202946e8745b05615dc0eaecef93d197ce4a7e2
90383c73a43d62ae770b4040d73664aff220a52a6bc67fc5828fb7ed13babcca
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac
9533a0a3fa76c5dfe6c50834ba4837d0ad67756c4eedb4874d219d90b6709023
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
96b7aa24f10644c999c6576a32f41cef54660693db107e08e030661f103ab8d6
9731915ed47985bfda3e0a874acdbc2b742b9392f9ece2d607eb54dc1ad5cb5c
97701eecf042d6a5ad60ec7a5004d785e9216013d2ac8b04a668f330e6a1868f
9afdd16a314612c510fb54f1078d419b67b30629dbffd9248494e6dde0ba9f5d
9b8648182c80ccb3dfbd95dbe622bb62cdffa4d8ff23138cc32bbbb469ceced7
9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9
9c7bcf3c837d4f84348047ce8844b6a7fab37d45614d267fc78f92196b40c8ca
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9ec9e3cb9c4d4277f7650d26d92a118f378007b112a66897e5cfc405c232f767
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a7f16ffee35146e13ace184e060629293e187a03312a600a182b98ddf6da48ad
a8b12a81f045f939c0074e9255d85e2e26803e01f53b7925c6fdaed2e916d975
a945737268aa114127b3b316c9a909a6dcdc26a1a0173971078247357df0f81c
a9e402d2d19f1057cdea09b2152d8cfd35664182564595e19bb83916c1f00201
aa7e9751180d1f01904db5f8675eaabcc346f860d545b0c8bdf304436ed5b6f4
ae0ee06176b5265bc848bdd9ded63db88d1de98b78ed392c4eae2ebfd7ba68ea
ae974e199f247c87cece2e13b2ef3c8ae535adbd25f0ae2dbbc48af171c37f7c
b2bd16fae7d062b7991b9d7e2c1bdd4d65d00876878aba420715d0e4f058bb34
b3e6641441f545654e769469711549d098ae40acc9ea9602589e6f1a01b15832
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300
b6f0fde4d630ebdda693018e93ac3e4890d40d60ad6133fbc8d82626ccbb4133
b72031ab9ee0b637634d8b4c5ea7d5c9c1286acaa1a5f3f8c43d3a8f5fa82664
b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d
c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad
c11751ad521c9de03762350b442252b77978cfedcda23428106e6280a1718853
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c4e760e50c2ab24182ea513a84dc3109b272258a59e77d57cf8c58a7357135f4
c975b08a20853eb485484ff65ca87d1e182897e380108bdf979dc2f1d681c5d0
ca7df3a16649aa4c0a68e44c8256882465a546a30fcc50f45229778d66b59b5f
ceb5ad2b6d901a1fbb2617be579cfeac6b5cc286fef8bba63d348fab9eb67b65
ceed13a9a8fb4b0ef311ef89ef013a970c5cd3552f867ebaabe247839caeb86d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d
d215a13ae04d1969c971c6102c4675e6ddc136144c85feb0963611d0e213e871
d2a5d3b03118cc883b06a7a896e3632c8c59de0b6913a9b30b991962e701d68c
d3076f9befcff623f3295a56ce1d8994a2a8b34ce7af676e33d9712231c64fb6
d50a03188d9abc001b75fa268dc4702ba22ad26e34b02e6bc5eb454459c0be3f
d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884
d73c5ca19c63842bcf188ca9a8efa9d66e3996852486af39e0d96088411587d1
d745ff3dd96d9c204c9c783d0ea32c1b9952230731651ee128e9ea70d25fbda6
d792ed2286a3f10ce01ed2c144ef1db80a8273d049b111589539c435ce908f9c
dbc7f6982e20a0cd136f325464b938a578a47a277a2efeb89481ea3e8db53c06
dd3955c5f5343ed3b51b2db244969a5037d330969e299ca89bf7b7172757a0dc
e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58c25b2986653e8ffcf4aaadfb12e3986ba4662060d723241db9913576ed43a
e73ea9aeccf4f8d78089a40b414c75ed6a680a14568218ac4c679503461e306b
e9f93494a5a5bfe8e13a0814bdd65ea3b2e56cd56f48043ae6b65cb4159eecc6
ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028
ed0b6f2d0987997f32e452900a4682426d6657a4e3213c6cedc4639fade05098
ed8fa6a003e9c976b11e52f2c98e821bee4f6313c5049724bbe569b58ca0e06d
ed8ff8062e72066d31b25a7d98374b2190e8385b1985ff2980f6b16040e5415b
edd4f3274cbb18049dbbb15b998d60f39c44cd00b581b924ecf3c13b6462e611
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab
fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56
fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
fe0a75c50a6d6220387a6c19ecb106a0b674eb8dafdfa6cf25862cf6ba11042f
ff48a38bdcecdbc1888f249414928cd43725507374ed59250122b49cac1098c9

www.kiro7.com Open in urlscan Pro 2.16.186.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

217 Requests

98 %HTTPS

45 %IPv6

48 Domains

72 Subdomains

61 IPs

8 Countries

4144 kBTransfer

10182 kBSize

15 Cookies

34 Outgoing links

Page URL History

Redirected requests

217 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kiro7.com Open in urlscan Pro
2.16.186.170 Public Scan

Screenshot
Live screenshot

Full Image

217
Requests

98 %
HTTPS

45 %
IPv6

48
Domains

72
Subdomains

61
IPs

8
Countries

4144 kB
Transfer

10182 kB
Size

15
Cookies

217 HTTP transactions
5 data transactions