www.wtvm.com Open in urlscan Pro
2a02:26f0:6c00::210:badb Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Submission: On May 28 via manual (May 28th 2021, 2:34:35 pm UTC) from CA

Summary HTTP 189 Redirects Links 29 Behaviour Indicators

Summary

This website contacted 46 IPs in 3 countries across 27 domains to perform 189 HTTP transactions. The main IP is 2a02:26f0:6c00::210:badb, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.wtvm.com.
TLS certificate: Issued by R3 on May 26th 2021. Valid for: 3 months.

This is the only time www.wtvm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	2a02:26f0:6c0... 2a02:26f0:6c00::210:badb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	13.226.152.108 13.226.152.108	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:bab2	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
9	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
4	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 3	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
4	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 5	13.226.159.88 13.226.159.88	16509 (AMAZON-02) (AMAZON-02)
12	104.108.145.205 104.108.145.205	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2600:9000:20c... 2600:9000:20c3:400:b:9517:e380:21	16509 (AMAZON-02) (AMAZON-02)
1 3	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	64.202.112.159 64.202.112.159	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	3.14.176.219 3.14.176.219	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
1	13.226.159.54 13.226.159.54	16509 (AMAZON-02) (AMAZON-02)
1	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
3	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	2600:9000:21a... 2600:9000:21a1:9800:1b:7b40:7bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.226.156.224 13.226.156.224	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5 8	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2 4	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:831::2006	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
4	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1	195.201.152.90 195.201.152.90	24940 (HETZNER-AS) (HETZNER-AS)
5	64.74.236.191 64.74.236.191	19024 (INTERNAP-...) (INTERNAP-BLK5)
1	2a00:1450:400... 2a00:1450:4001:809::2004	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:c::4	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
4	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
189	46

19 2a02:26f0:6c00::210:badb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.wtvm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.152.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-152-108.dus51.r.cloudfront.net

cdn-images.mailchimp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:bab2 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

webpubcontent.raycommedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19a::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.226.159.88 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-88.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 104.108.145.205 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:20c3:400:b:9517:e380:21 (United States)

ASN16509 (AMAZON-02, US)

d3mo2m0b34ee8e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.159 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.14.176.219 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-14-176-219.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.159.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-159-54.dus51.r.cloudfront.net

video-api-cdn.raycom.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21a1:9800:1b:7b40:7bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1d3jupgwm7m5r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.156.224 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-156-224.dus51.r.cloudfront.net

d1acid63ghtydj.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.66 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.234.21 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.45 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.201.152.90 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.90.152.201.195.clients.your-server.de

opt.objectiveportal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 64.74.236.191 (United States)

ASN19024 (INTERNAP-BLK5, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:c::4 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r4---sn-4g5e6nzy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	googlesyndication.com c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	159 KB
37	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r4---sn-4g5e6nzy.c.2mdn.net	991 KB
22	doubleclick.net 5 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	175 KB
19	wtvm.com www.wtvm.com	824 KB
17	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com mv.outbrain.com	149 KB
13	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	400 KB
6	cloudfront.net d3mo2m0b34ee8e.cloudfront.net d1d3jupgwm7m5r.cloudfront.net d1acid63ghtydj.cloudfront.net	227 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
4	openx.net 3 redirects us-u.openx.net	1 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com	4 KB
4	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com	247 KB
4	googletagservices.com www.googletagservices.com	122 KB
4	reconditerespect.com reconditerespect.com	36 KB
4	fontawesome.com use.fontawesome.com	151 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.com adservice.google.com www.google.com	696 B
2	teads.tv 1 redirects sync.teads.tv	414 B
2	google-analytics.com www.google-analytics.com	19 KB
2	googletagmanager.com www.googletagmanager.com	71 KB
2	go-mpulse.net c.go-mpulse.net	50 KB
2	gstatic.com fonts.gstatic.com	56 KB
1	objectiveportal.com opt.objectiveportal.com	527 B
1	arcpublishing.com video-api-cdn.raycom.arcpublishing.com	7 KB
1	google.de adservice.google.de	799 B
1	raycommedia.com webpubcontent.raycommedia.com	61 KB
1	googleapis.com fonts.googleapis.com	873 B
1	mailchimp.com cdn-images.mailchimp.com	1 KB
189	27

	Domain	Requested by
33	s0.2mdn.net	www.wtvm.com s0.2mdn.net c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
19	pagead2.googlesyndication.com	c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.wtvm.com www.googletagservices.com securepubads.g.doubleclick.net
19	www.wtvm.com	www.wtvm.com
14	tpc.googlesyndication.com	securepubads.g.doubleclick.net reconditerespect.com c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com tpc.googlesyndication.com s0.2mdn.net
11	images.outbrainimg.com	www.wtvm.com
8	cm.g.doubleclick.net	5 redirects googleads.g.doubleclick.net
8	widgets.outbrain.com	www.wtvm.com widgets.outbrain.com
5	mcdp-chidc2.outbrain.com	widgets.outbrain.com
5	sb.scorecardresearch.com	1 redirects www.wtvm.com widgets.outbrain.com
4	ade.googlesyndication.com
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
4	googleads4.g.doubleclick.net	www.wtvm.com
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com www.wtvm.com
4	d3mo2m0b34ee8e.cloudfront.net	www.wtvm.com d3mo2m0b34ee8e.cloudfront.net
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
4	www.googletagservices.com	www.wtvm.com securepubads.g.doubleclick.net c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
4	reconditerespect.com	www.wtvm.com reconditerespect.com
4	use.fontawesome.com	www.wtvm.com
3	r4---sn-4g5e6nzy.c.2mdn.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	www.google.com	c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com tpc.googlesyndication.com
2	odb.outbrain.com	widgets.outbrain.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cds.connatix.com	www.wtvm.com cd.connatix.com
2	www.googletagmanager.com	www.wtvm.com www.googletagmanager.com
2	c.go-mpulse.net	www.wtvm.com c.go-mpulse.net
2	fonts.gstatic.com	fonts.googleapis.com
1	gcdn.2mdn.net	1 redirects
1	mv.outbrain.com	widgets.outbrain.com
1	opt.objectiveportal.com	c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
1	d1acid63ghtydj.cloudfront.net	www.wtvm.com
1	d1d3jupgwm7m5r.cloudfront.net	www.wtvm.com
1	ad.doubleclick.net	reconditerespect.com
1	video-api-cdn.raycom.arcpublishing.com	d3mo2m0b34ee8e.cloudfront.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	capi.connatix.com	cd.connatix.com
1	log.outbrainimg.com	widgets.outbrain.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	widget-pixels.outbrain.com	www.wtvm.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cd.connatix.com	1 redirects
1	webpubcontent.raycommedia.com	www.wtvm.com
1	fonts.googleapis.com	www.wtvm.com
1	cdn-images.mailchimp.com	www.wtvm.com
189	48

This site contains links to these domains. Also see Links.

Domain
wtvm.halfoffdeal.com
www.fullcourtgreta.com
www.circleallaccess.com
www.graydc.com
www.investigatetv.com
gray.tv
www.vuit.com
edition.popsugar.com
www.farandwide.com
www.toocool2betrue.com
www.alomoves.com
www.outbrain.com
rfvtgb.journalistate.com
rfvtgb.habittribe.com
edition.thrillist.com
lovelifehealth.net
internetlive.org
www.soolide.com
rfvtgb.articlestone.com
www.dailybreak.co
editorsnation.com
publicfiles.fcc.gov
webpubcontent.gray.tv
fox54.revrocket.us
twitter.com
www.facebook.com

Subject Issuer	Validity	Valid
star5.arcpublishing.com R3	`2021-05-26` - `2021-08-24`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
cdn-images.mailchimp.com Amazon	`2020-06-28` - `2021-07-28`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-03` - `2021-07-26`	3 months	crt.sh
star2.arcpublishing.com R3	`2021-03-22` - `2021-06-20`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
reconditerespect.com R3	`2021-05-19` - `2021-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
raycom.arcpublishing.com Amazon	`2021-02-14` - `2022-03-15`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
www.objectiveplatform.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-12` - `2021-08-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-03` - `2021-07-26`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
teads.tv R3	`2021-05-04` - `2021-08-02`	3 months	crt.sh
*.c.docs.google.com GTS CA 1O1	`2021-05-18` - `2021-07-27`	2 months	crt.sh

This page contains 18 frames:

Primary Page: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Frame ID: 5948B1B1E31328B2A341137B9EB69175
Requests: 88 HTTP requests in this frame

Frame: https://c.go-mpulse.net/boomerang/XPXCW-DAMJV-5VCNY-NSGAA-ZZ4G2
Frame ID: C773E210A6EF0E87E242099174FB4536
Requests: 2 HTTP requests in this frame

Frame: https://cds.connatix.com/p/118849/connatix.playspace.dc.js
Frame ID: 6532DAFA1E4EA37388EA791389ADC58D
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 362C1D9CE5A1B763C658B513E7E967F5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 4D668EC28B6AFE9728DEBEF9BC972F00
Requests: 1 HTTP requests in this frame

Frame: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C3859D3FFD9E9C466F19506B100E6E3E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY
Frame ID: C212C406944FEA3459D394A5F32C6AFE
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
Frame ID: 92B630460E10EBE8533AF2F4A6B87410
Requests: 19 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 9CA1ACABCCDF6920C3E6B7CDAB3AA19C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: FF4674B5B7EDECBB786E864F4398A92B
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: 075E54B908BB92D301A7644A34FBA8D1
Requests: 1 HTTP requests in this frame

Frame: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8B66E2B7D5D6AD340EA7AB534880F180
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo
Frame ID: 6C541B892806FA6860D03A70D13D79DA
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AA795C1E173D969449171EDF4F2475C9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
Frame ID: 0AD018F6913BDC92E7EFFB6898C86839
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js
Frame ID: 5BB9C51C1466B43F75608A98B21F1F3E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 04B6AADBAF603165C269B46E9949D3AA
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 881950B437B49A310592903D81DFA486
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

189
Requests

100 %
HTTPS

49 %
IPv6

27
Domains

48
Subdomains

46
IPs

3
Countries

3755 kB
Transfer

7702 kB
Size

7
Cookies

29 Outgoing links

These are links going to different origins than the main page.

URL: https://wtvm.halfoffdeal.com/
Title: Deals

Search URL Search Domain Scan URL

URL: https://www.fullcourtgreta.com/
Title: Full Court Press with Greta Van Susteren

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://gray.tv/careers#currentopenings
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.vuit.com/live/17156/wtvm/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://edition.popsugar.com/s/worst-movies-of-all-time-bf608ad2e37f4311?utm_campaign=worstmoviesalltime-6d81600ce64c4b18&utm_medium=cpc&utm_source=out&aid=005a03d7796300828ccd69472710e5adc2&utm_term=$publisher_name$&obOrigUrl=true
Title: 22 Worst Movies Ever, According to Rotten Tomatoes POPSUGAR

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/cool-maps-europe-11a66f6c5ec04106?utm_campaign=cooleuropemaps-72a105105f574db7&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: These Maps Show Europe In A New Light Far & Wide

Search URL Search Domain Scan URL

URL: https://www.toocool2betrue.com/celebrity-lookalikes-no-youre-not-seeing-double-xtc/?utm_source=outbrain&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=000eb2339614cdb3d33a70ddb036241279&utm_campaign=tc-ob-t1-d-celebdoppelgang-21.02.06-tsg_OB-9204&utm_cpc=$cpc$&obOrigUrl=true
Title: 15 Pairs Of Celebs With Crazy Resemblance TooCool2BeTrue

Search URL Search Domain Scan URL

URL: https://www.alomoves.com/membership?utm_source=outbrain&utm_medium=advertising&utm_campaign=mindfulness_may2021&utm_content=5-Minute+Meditations+for+Your+Mental+Health&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: 5-Minute Meditations for Your Mental Health Unlimited Mindfulness + Yoga Alo Moves

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://rfvtgb.journalistate.com/worldwide/hybrid-ob-du?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=js-hybrid1-des-ne-gg-19051d&utm_term=$section_name$&obOrigUrl=true
Title: [Foto's] De meest bijzondere kruisingen die je ooit hebt gezien!

Search URL Search Domain Scan URL

URL: https://rfvtgb.habittribe.com/worldwide/captur-ob-du?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=hb-captur-des-ne-je-18051&utm_term=$section_name$&obOrigUrl=true
Title: [Foto's] Bijzondere historische foto's die nooit zijn vertoond tot nu

Search URL Search Domain Scan URL

URL: https://edition.thrillist.com/s/movies-marvel-ranked-77d8d42dd24f49fe?utm_campaign=moviesmarvelranked-66e40ce99c96496f&utm_medium=cpc&utm_source=out&aid=0024f54ea37f0fa903828c6c0a97826a79&utm_term=$publisher_name$&obOrigUrl=true
Title: All 23 Marvel Movies, Ranked From Worst to First

Search URL Search Domain Scan URL

URL: https://lovelifehealth.net/clear-vision/?ob_click_id=$ob_click_id$&cpc=$cpc$&publisher_name=$publisher_name$&section_name=$section_name$&campaign_id=00da6318f170a3a3d214a7baba05b0ffc6&ad_id=00470d64f687d142736174d21befd581ce&obOrigUrl=true
Title: Blurry Eyesight? Do This Immediately (Watch)

Search URL Search Domain Scan URL

URL: https://internetlive.org/view/186oIFpDMaO1YRplry7ixc9qgnQkcl4w48XXcZHnRso?c=36051&pid=4443&tid=$ob_click_id$&ob_marketer=Tin_All&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=00201b0714b72acbc7c51c3e8733aba0d5&ob_timestamp=$time_stamp$&ob_platform=WEB&ob_campaign_id=00c80402c831b7e3af823eadbad354ef26&ob_doc_title=Tinnitus&site=TinnitusMultiWeb2.30NC_$publisher_name$_$section_name$_00201b0714b72acbc7c51c3e8733aba0d5&mavcid=MANAGERCAMPAIGNID&ob_marketer_id=00cd6bc558eb83cfb975a144d1769739b0&obOrigUrl=true
Title: Doctor: If You Have Tinnitus (Ear Ringing) Do This Immediately!

Search URL Search Domain Scan URL

URL: https://www.soolide.com/nl/258482?utm_source=obr&utm_campaign=000f78a52b86679a6b05e0f06afde805c6&utm_medium=referral&utm_term=$publisher_name$_$section_name$&s_id=$section_id$&cl=$ob_click_id$&obOrigUrl=true
Title: [Galerij] De onschuldige foto die de carrière van een polsstokspringer verwoestte Soolide

Search URL Search Domain Scan URL

URL: http://rfvtgb.journalistate.com/worldwide/suitca-ob-du?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=js-suitca-des-ne-ff-16031&utm_term=$section_name$&obOrigUrl=true
Title: [Bilder] Man gaat uit zijn huis nadat hij een geheime kamer heeft gevonden met daarin Journalistate

Search URL Search Domain Scan URL

URL: https://rfvtgb.articlestone.com/worldwide/parkbn-ob-du?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=as-parkbn-des-ne-an-13051d&utm_term=$section_name$&obOrigUrl=true
Title: [Foto's] Moeder moest het waterpark uit door haar bikini Articlestone

Search URL Search Domain Scan URL

URL: https://www.dailybreak.co/nl/161157?utm_source=obr&utm_campaign=002321dfee22d6ed7022f603144a738a27&utm_medium=referral&utm_term=$publisher_name$_$section_name$&obOrigUrl=true
Title: [Galerij] Een familie neemt vakantiefoto’s en verschieten wanneer ze dit detail zien in de achtergrond. DailyBreak

Search URL Search Domain Scan URL

URL: https://editorsnation.com/trending/je-raadt-nooit-hoeveel-deze-bekende-nederlanders-waard-zijn-outbrain?utm_source=outbrain&utm_campaign=00bd33a70eca3449beedd43b703350b0d8&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Tygo+Gernandt+is+nu+officieel+een+van+de+rijkste+mensen+ter+we&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Tygo Gernandt is nu officieel een van de rijkste mensen ter wereld Editor's Nation

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/wtvm
Title: WTVM FCC Public File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/wtvm-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://fox54.revrocket.us/index.php/n/#!/page-view/wxtx-eeo-report-124
Title: WXTX EEO Report

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/wxtx
Title: WXTX FCC Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/wltz
Title: WLTZ Public file

Search URL Search Domain Scan URL

URL: https://twitter.com/wtvm
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/wtvmnewsleader9/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/118849/connatix.playspace.dc.js

Request Chain 43

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&c7=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&c7=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&c9=

Request Chain 74

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1

Request Chain 75

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLD-Z7hdj-hqvIfp.kio4AAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1&google_hm=2

Request Chain 76

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEDGy6maJk1_5TuzFhCVjwuI&google_cver=1

Request Chain 77

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNDQwMzIyNzY5ODY1ODYwMQ%3D%3D

Request Chain 142

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1

Request Chain 143

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjhmYmIyM2UtNGZkYy0yOWNkLWY2YTYtMGU5MjgwMmQxMzdh

Request Chain 144

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEMq_i4rBQW19kcTQm9l4AuY&google_cver=1

Request Chain 145

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlMjE1ZDQ2OTZiYmM4NjJhNzM1MjQyNmYwNjE0MWFhNjhlZjgzNg==

Request Chain 177

https://gcdn.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/6C0D4873B88DFE9E02969CD19EA2EB62EDC1F0DC.A44D8175830ABDFE55245174598E046E230A217C/key/ck2/file/file.webm HTTP 302
https://r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8082AC549A0D5002EA2702E1F6056A388BB29B12.42A1DDCDAF7F00343F024163467996AB6160BABC/key/cms1/cms_redirect/yes/mh/Pb/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nzy/ms/onc/mt/1622211885/mv/m/mvi/4/pl/44/file/file.webm

189 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/ 78 KB
19 KB 136ms
117ms Document
text/html 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

b6276b7997f4068062d2673254ff257433e4f0b2438990e88547c710c2888bc7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:method: GET
:authority: www.wtvm.com
:scheme: https
:path: /2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html;charset=UTF-8
server: openresty
last-modified: Fri, 28 May 2021 13:11:38 GMT
x-akamai-transformed: 9 73261 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: private, max-age=60
expires: Fri, 28 May 2021 14:35:14 GMT
date: Fri, 28 May 2021 14:34:14 GMT
content-length: 17454
set-cookie: AKA_A2=A; expires=Fri, 28-May-2021 15:34:14 GMT; path=/; domain=wtvm.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=-324 origin; dur=333
link: <https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://webpubcontent.raycommedia.com>;rel="preconnect",<https://fonts.gstatic.com>;rel="preconnect",<https://cd.connatix.com>;rel="preconnect",<https://d3mo2m0b34ee8e.cloudfront.net>;rel="preconnect",<https://adservice.google.com>;rel="preconnect",<https://tpc.googlesyndication.com>;rel="preconnect",<https://d1acid63ghtydj.cloudfront.net>;rel="preconnect" <https://use.fontawesome.com>;rel="preconnect",<https://cdn-images.mailchimp.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://widgets.outbrain.com>;rel="preconnect",<https://www.googletagservices.com>;rel="preconnect",<https://sb.scorecardresearch.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400

GET
H2 200 TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v36/ 24 KB
24 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wtvm.com
Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 23 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:19 GMT
server: sffe
age: 448236
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24064
x-xss-protection: 0
expires: Mon, 23 May 2022 10:03:38 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 86ms
46ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

Origin: https://www.wtvm.com
Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 15 KB
15 KB 79ms
39ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

Origin: https://www.wtvm.com
Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Mon, 23 Jul 2018 17:07:12 GMT
server: NetDNA-cache/2.2
etag: "8d9ab84bfe87a3f77112a6698cf639fb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14888

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 105ms
65ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

Origin: https://www.wtvm.com
Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 60ms
23ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 , United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

Origin: https://www.wtvm.com
Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H/1.1 200
OK horizontal-slim-10_7.css
cdn-images.mailchimp.com/embedcode/ 2 KB
1 KB 72ms
22ms Stylesheet
text/css 13.226.152.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-images.mailchimp.com/embedcode/horizontal-slim-10_7.css
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.152.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-152-108.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 12:34:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2015 16:21:55 GMT
Server: AmazonS3
Age: 7174
ETag: W/"bd21b0313fe7dc2b8ac08955a7ef1209"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 3KGzwKDKJXisAvwXtMLCFAct24XvS09EGRySfOsB-AFNaJXLxyKFbg==

GET
H2 200 css
fonts.googleapis.com/ 9 KB
873 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald:400,600,700|PT+Serif:400,400i,700i

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

618bed6f88ada61ec1e171dba4c1857f4626efa7e870ad44c49d697a7010eb27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 28 May 2021 14:34:14 GMT
server: ESF
date: Fri, 28 May 2021 14:34:14 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 28 May 2021 14:34:14 GMT

GET
H2 200 rm-framework3dcab09d681bdf5abc69.css
www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/ 32 KB
7 KB 1ms
0ms Stylesheet
text/css 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-framework3dcab09d681bdf5abc69.css?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f6dcd5e930346ac98ef6683cb91ef4a95f95e7f7d919a3da8800ab174e5461d2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-akamai-http2-push: 1
server: openresty
etag: "c8c60"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 7190
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 rm-features3dcab09d681bdf5abc69.css
www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/ 7 KB
2 KB 2ms
0ms Stylesheet
text/css 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-features3dcab09d681bdf5abc69.css?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e1dfd759480723e4f5f922e778e56c24af6f20e4b719f6b699cf13ccc5eb13ea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-akamai-http2-push: 1
server: openresty
etag: "785f0"
vary: Accept-Encoding
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 1849
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 rm-services3dcab09d681bdf5abc69.css
www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/ 0
251 B 2ms
0ms Stylesheet
text/css 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-services3dcab09d681bdf5abc69.css?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
x-akamai-http2-push: 1
server: openresty
etag: "d41d8"
strict-transport-security: max-age=86400
content-type: text/css;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 0
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 cdbd7d78da.js Show response
www.wtvm.com/pb/gr/c/default/r0XPM2G9TALMus/arcAdsJS/ 125 KB
40 KB 2ms
0ms Script
application/javascript 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/gr/c/default/r0XPM2G9TALMus/arcAdsJS/cdbd7d78da.js?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

e929506757cbb70103e578e662d627594be178e732bf62ff3535b60d44c13a55

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-akamai-http2-push: 1
server: openresty
etag: "bb08e"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 40249
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 Local%20Radar%20for%20Web.jpg
webpubcontent.raycommedia.com/wtvm/weather/ 60 KB
61 KB 232ms
194ms Image
image/jpeg 2a02:26f0:6c00::210:bab2
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webpubcontent.raycommedia.com/wtvm/weather/Local%20Radar%20for%20Web.jpg
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:bab2 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 68c26bdb348b43c4c4b47885ecc3c79248c5b8961888893250631c393f3c4dd4

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Fri, 28 May 2021 14:32:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "7da1985d624fbc62dc121028c7070b63"
content-type: image/jpeg
cache-control: max-age=240
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=18, origin; dur=162
content-length: 61701
x-amz-cf-id: 2ltz4WJfnVfaV-1z-888xYaMx9sHQR4ty6h4wSbTt5dE9dUNuIYuYA==
expires: Fri, 28 May 2021 14:38:14 GMT

GET
H2 200 67_daily_forecast.png
www.wtvm.com/pb/resources/images/weather/weather-condition-icons/400x400/ 5 KB
5 KB 16ms
11ms Image
image/png 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/pb/resources/images/weather/weather-condition-icons/400x400/67_daily_forecast.png

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

1d8f65c2ff88dbc47174c25840a86ac128ad620dbbda2e67ebf8293fbccece96

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/resources/images/weather/weather-condition-icons/400x400/67_daily_forecast.png
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "5d272"
strict-transport-security: max-age=86400
content-type: image/png
access-control-allow-origin: *
cache-control: private, max-age=12184281
date: Fri, 28 May 2021 14:34:14 GMT
server-timing: cdn-cache; desc=HIT edge; dur=1
x-akamai-note: original-image
content-length: 4959
expires: Sat, 16 Oct 2021 15:05:35 GMT

GET
H2 200 8a9cc880-b718-4f5e-8781-24bfb030a678.jpg
www.wtvm.com/resizer/LZwj8OxfYrRHLbMnKfaoJTHu3rQ=/0x10/s3.amazonaws.com/arc-authors/raycom/ 1 KB
1 KB 27ms
22ms Image
image/jpeg 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/LZwj8OxfYrRHLbMnKfaoJTHu3rQ=/0x10/s3.amazonaws.com/arc-authors/raycom/8a9cc880-b718-4f5e-8781-24bfb030a678.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

6f9fbb5f974121e29abd3771141f5eeb1e224c745cd6afac28521d798ca2c304

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/LZwj8OxfYrRHLbMnKfaoJTHu3rQ=/0x10/s3.amazonaws.com/arc-authors/raycom/8a9cc880-b718-4f5e-8781-24bfb030a678.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "da8990dcfdc9c31c5aab4a9314dc3f9f92a1b518"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, max-age=12127452
date: Fri, 28 May 2021 14:34:14 GMT
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 1131
expires: Fri, 15 Oct 2021 23:18:26 GMT

GET
H2 200 PQP7IWP2DJHGZLXXGURTNSHNQ4.jpg
www.wtvm.com/resizer/Sm5zYpZCpL4kVclR4mKc7o3lC4Q=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 35 KB
36 KB 35ms
31ms Image
image/webp 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/Sm5zYpZCpL4kVclR4mKc7o3lC4Q=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/PQP7IWP2DJHGZLXXGURTNSHNQ4.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

068091506f9bc076aca275bebd665dae3675485b2d0991bc9eb4b717d2a08121

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/Sm5zYpZCpL4kVclR4mKc7o3lC4Q=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/PQP7IWP2DJHGZLXXGURTNSHNQ4.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
x-check-cacheable: YES
x-serial: 1881
etag: "6a1b9cee103fd94cb932de2f876774743b45c684"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31499929
last-modified: Fri, 28 May 2021 04:32:01 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 36202
server: Akamai Image Manager
expires: Sat, 28 May 2022 04:33:03 GMT

GET
H2 200 TV6J7FOQRZC4NNUPJDY6KMLZMU.jpg
www.wtvm.com/resizer/YInD0dybB-jAwFnvvmOQRtqOD3k=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 81 KB
82 KB 47ms
42ms Image
image/jpeg 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/YInD0dybB-jAwFnvvmOQRtqOD3k=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/TV6J7FOQRZC4NNUPJDY6KMLZMU.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

20cd49ba1a75e092f1d13481bd8f4dbbd2766b7c556e72fa9b7717bfc9cd223c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/YInD0dybB-jAwFnvvmOQRtqOD3k=/1200x600/cloudfront-us-east-1.images.arcpublishing.com/raycom/TV6J7FOQRZC4NNUPJDY6KMLZMU.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
x-check-cacheable: YES
x-serial: 1165
etag: "88f823ca160e25eab3dff393a070bdf3bb1b6f24"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31497371
last-modified: Fri, 28 May 2021 03:50:13 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 83023
server: Akamai Image Manager
expires: Sat, 28 May 2022 03:50:25 GMT

GET
H2 200 NUOXDL7QSNG2HNLO4ER36RLBXE.jpg
www.wtvm.com/resizer/UaCPhta4ia70lHhC-pGAiNKUBp8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 138 KB
139 KB 75ms
71ms Image
image/jpeg 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/UaCPhta4ia70lHhC-pGAiNKUBp8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/NUOXDL7QSNG2HNLO4ER36RLBXE.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

f3bc15c0cd1eabf774d1aed51be4dbde8142ce170b7549625b4288f01cc1f1bd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/UaCPhta4ia70lHhC-pGAiNKUBp8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/NUOXDL7QSNG2HNLO4ER36RLBXE.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
x-check-cacheable: YES
x-serial: 777
etag: "0fe04fcfbf6af01a8c5eee0a86b33ca16fd93c3b"
strict-transport-security: max-age=86400
content-type: image/jpeg
cache-control: private, no-transform, max-age=31491048
last-modified: Fri, 28 May 2021 02:04:52 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 141738
server: Akamai Image Manager
expires: Sat, 28 May 2022 02:05:02 GMT

GET
H2 200 HUU3SGN2CZFMJBGLX7QYG2RHZ4.jpg
www.wtvm.com/resizer/H7MPLzsTRpMFpQXX4KgBhmgRpvY=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 111 KB
112 KB 75ms
71ms Image
image/webp 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/H7MPLzsTRpMFpQXX4KgBhmgRpvY=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/HUU3SGN2CZFMJBGLX7QYG2RHZ4.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

294ccb80937c3165d62977bd0ef7b39f82c90dd9b8d6329f7742177b4f069152

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/H7MPLzsTRpMFpQXX4KgBhmgRpvY=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/HUU3SGN2CZFMJBGLX7QYG2RHZ4.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Fri, 28 May 2021 01:36:57 GMT
server: Akamai Image Manager
etag: "5d7a04f37686e71ce98d744d7ce403292945c343"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31489375
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 114146
expires: Sat, 28 May 2022 01:37:09 GMT

GET
H2 200 D7LKTOYSV5FVJGLVNM3WUTZPLA.jpg
www.wtvm.com/resizer/nZiM9Cc4b2F-Thoqx4DH3jy6BM8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 42 KB
42 KB 85ms
81ms Image
image/webp 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/nZiM9Cc4b2F-Thoqx4DH3jy6BM8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/D7LKTOYSV5FVJGLVNM3WUTZPLA.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

6771a0c052bcc8f1a7cc148eb2117cbdcc3c8d88ffad38f0bb9444c1a037fbbf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/nZiM9Cc4b2F-Thoqx4DH3jy6BM8=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/D7LKTOYSV5FVJGLVNM3WUTZPLA.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Fri, 28 May 2021 00:54:05 GMT
server: Akamai Image Manager
etag: "e846eb13faff9f42ab81451f6dcd9afdeff14d03"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31486899
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 43002
expires: Sat, 28 May 2022 00:55:53 GMT

GET
H2 200 DFL24HEKUZABHFXG55YDWXUFDM.jpg
www.wtvm.com/resizer/cKBajSEwVnep3tqLQLVWqY_w9IU=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/ 42 KB
43 KB 98ms
95ms Image
image/webp 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/cKBajSEwVnep3tqLQLVWqY_w9IU=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/DFL24HEKUZABHFXG55YDWXUFDM.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

47ea6caec4983bf0695d395f6bc725c8df195ebfc569019d8508766032ad6b83

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/cKBajSEwVnep3tqLQLVWqY_w9IU=/1200x900/cloudfront-us-east-1.images.arcpublishing.com/raycom/DFL24HEKUZABHFXG55YDWXUFDM.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Thu, 27 May 2021 21:52:37 GMT
server: Akamai Image Manager
etag: "8cc458ab456453945574019efda99bd90ba95d16"
strict-transport-security: max-age=86400
content-type: image/webp
cache-control: private, no-transform, max-age=31475998
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 43378
expires: Fri, 27 May 2022 21:54:12 GMT

GET
H/1.1 200
OK XPXCW-DAMJV-5VCNY-NSGAA-ZZ4G2 Show response
c.go-mpulse.net/boomerang/ Frame C773 205 KB
50 KB 24ms
9ms Script
application/javascript 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/boomerang/XPXCW-DAMJV-5VCNY-NSGAA-ZZ4G2
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Akamai Resource Optimizer /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 14:34:14 GMT
Content-Encoding: br
Last-Modified: Tue, 18 May 2021 19:37:36 GMT
Server: Akamai Resource Optimizer
Vary: Accept-Encoding
Content-Type: application/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=604800, s-maxage=604800
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 50393

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 129 KB
36 KB 19ms
15ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5d6cce43f423798a69c143fd662011a45701e07d98d1ae89cc1aa7ec462a1bd5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36881
x-xss-protection: 0
last-modified: Fri, 28 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 May 2021 14:34:14 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 174 KB
58 KB 91ms
29ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ea4fdcc21a72f6a6fa9cd48fa73465ace247e65936e63d25713858398a62e148

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 12:54:02 GMT
etag: W/"2b776-RHJJn4U+Px/ltzWqgszzBvQbbJ4"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: e75663dd5d5fc64d35a61287bfe1ff36
timing-allow-origin: *, *
content-length: 58950
expires: Fri, 28 May 2021 18:34:14 GMT

GET
H2 200 render.js Show response
www.wtvm.com/pb/gr/p/default/r0XPM2G9TALMus/ 454 B
437 B 108ms
105ms Script
application/javascript 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/gr/p/default/r0XPM2G9TALMus/render.js?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

75a15851873e2ac6f5134537ae1e72e96ce92a55868f9b8529d780d1a4e1de6c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/gr/p/default/r0XPM2G9TALMus/render.js?v=103
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
server: openresty
etag: "cc815"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 164
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 rm-index3dcab09d681bdf5abc69.js Show response
www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/ 240 KB
50 KB 149ms
146ms Script
application/javascript 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-index3dcab09d681bdf5abc69.js

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

f87f30021aa6875cdcedce045701b86fbd1354e41af0c10728459b059e61d392

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-index3dcab09d681bdf5abc69.js
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
server: openresty
etag: "35b31"
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=1
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A Show response
reconditerespect.com/ 103 KB
30 KB 274ms
220ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

c18149134738f472e002856a8bab5ec6b313be9679c432d4e2a5640187759719

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "9a7cd9adf31b2554720572b93292b07d1281db3e0834526dedd43ca1bd910935"
vary: Accept-Encoding, Accept-Language
x-hostname: f8becdc5
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Fri, 28 May 2021 14:34:14 GMT
timing-allow-origin: *

GET
H2 200 v2boog9RAFG06wbsABbf4PA26Lnxls31ijp1o0tDST4EUwTibwwqclDvr1lRlOjLjgfqSVYmlav4 Show response
reconditerespect.com/ 16 KB
6 KB 267ms
214ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2boog9RAFG06wbsABbf4PA26Lnxls31ijp1o0tDST4EUwTibwwqclDvr1lRlOjLjgfqSVYmlav4

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

776db87cdca7bac1bed80f9349b5da2b0afad474b6a1570e5309a499511fe106

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "c69bf0a810f73d63024cc5be1744ae38aa5bf8e9e8010233a2a6374d633cbddd"
vary: Accept-Encoding, Accept-Language
x-hostname: f8becdc5
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Fri, 28 May 2021 14:34:14 GMT
timing-allow-origin: *

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 16ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/pb/gr/c/default/r0XPM2G9TALMus/arcAdsJS/cdbd7d78da.js?v=103

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "885 / 452 of 1000 / last-modified: 1622153417"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21427
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:14 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/118849/ Frame 6532
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/118849/connatix.playspace.dc.js

1 MB
233 KB

27ms
25ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/118849/connatix.playspace.dc.js
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 616a9b3ed9614a9dbd25b0a9c29e09272ea78e0daf234a8a4abe9627730a6e03

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: br
last-modified: Fri, 28 May 2021 14:25:20 GMT
age: 455
etag: "467e70fedf93b434b2319a7ea4496f1a"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 238464

Redirect headers

location: https://cds.connatix.com/p/118849/connatix.playspace.dc.js
date: Fri, 28 May 2021 14:34:14 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 wtvm-logo.svg
www.wtvm.com/pb/resources/images/ 4 KB
2 KB 130ms
128ms Image
image/svg+xml 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/pb/resources/images/wtvm-logo.svg?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7e198b13e7bbab443c006933f6a84f91b8617ec93c58d7be1191b3f4c2420e52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/resources/images/wtvm-logo.svg?v=103
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
server: openresty
etag: "95c5f"
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=2
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 1799
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H3-29 200 EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v12/ 32 KB
32 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptserif/v12/EJRVQgYoZZY2vCFuvAFWzr8.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald:400,600,700|PT+Serif:400,400i,700i

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.wtvm.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 10:30:03 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:06:03 GMT
server: sffe
age: 101051
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32960
x-xss-protection: 0
expires: Fri, 27 May 2022 10:30:03 GMT

GET
H2 200 pubads_impl_2021052401.js Show response
securepubads.g.doubleclick.net/gpt/ 309 KB
109 KB 93ms
33ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 24 May 2021 08:37:29 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110966
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:14 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 103 KB
35 KB 35ms
33ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MJDX5W2&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c90df309bbd441476866e3ed38082fb093d93a232addebf0a612bbc57678e78f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35449
x-xss-protection: 0
last-modified: Fri, 28 May 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 28 May 2021 14:34:14 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 74ms
23ms Script
application/javascript 13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:06:45 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1649
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: qn6ciR_21OlwOvpnlrpPvcCQr4mFm5VQ1SirdgbUpUztIy5qkG8o4Q==

GET
H2 200 wtvm-logo.svg
www.wtvm.com/pb/resources/images/footer_icons/ 4 KB
2 KB 23ms
22ms Image
image/svg+xml 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/pb/resources/images/footer_icons/wtvm-logo.svg?v=103

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

7e198b13e7bbab443c006933f6a84f91b8617ec93c58d7be1191b3f4c2420e52

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/resources/images/footer_icons/wtvm-logo.svg?v=103
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
server: openresty
etag: "95c5f"
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=2
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 1799
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H2 200 grayLogoHorizontal.svg
www.wtvm.com/pb/resources/images/footer_icons/ 14 KB
5 KB 25ms
24ms Image
image/svg+xml 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/pb/resources/images/footer_icons/grayLogoHorizontal.svg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-features3dcab09d681bdf5abc69.css?v=103

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /pb/resources/images/footer_icons/grayLogoHorizontal.svg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-features3dcab09d681bdf5abc69.css?v=103
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-features3dcab09d681bdf5abc69.css?v=103
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
server: openresty
etag: "4228f"
vary: Accept-Encoding
content-type: image/svg+xml;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
server-timing: cdn-cache; desc=HIT edge; dur=2
content-security-policy: upgrade-insecure-requests
strict-transport-security: max-age=86400
content-length: 5026
expires: Sat, 28 May 2022 14:34:14 GMT

GET
H/1.1 403
Forbidden config.json Show response
c.go-mpulse.net/api/ Frame C773 68 B
346 B 44ms
31ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=XPXCW-DAMJV-5VCNY-NSGAA-ZZ4G2&d=www.wtvm.com&t=5407375&v=1.720.0&if=&sl=0&si=d88f7a8a-c93d-4d88-8881-82f649ad302b-qttn52&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN,AK&acao=&ak.ai=466046
Requested by: Host: c.go-mpulse.net
URL: https://c.go-mpulse.net/boomerang/XPXCW-DAMJV-5VCNY-NSGAA-ZZ4G2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Fri, 28 May 2021 14:34:14 GMT
Cache-Control: public, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 68
Content-Type: application/json

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 362C 416 B
798 B 30ms
29ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1622034857.42166"
last-modified: Wed, 26 May 2021 12:53:20 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Fri, 28 May 2021 14:34:14 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622212454~rv=69~id=dc4cd7c9f2b83bb7241c3e30dbbea44a; path=/; Expires=Fri, 28 May 2021 14:34:14 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3Lnd0dm0uY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 130ms
56ms XHR
application/json 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lnd0dm0uY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 14:34:14 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=28003
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 13bc6fb3f124a0167582cbe6d3e2cafc
Content-Length: 16
Expires: Fri, 28 May 2021 22:20:57 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
450 B 33ms
31ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=6.271843532502025
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 27 Jun 2021 14:34:14 GMT

GET
H2 200 powaBoot.js Show response
d3mo2m0b34ee8e.cloudfront.net/prod/ 37 KB
13 KB 58ms
27ms Script
application/javascript 2600:9000:20c3:400:b:9517:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/powaBoot.js
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/pb/resources/dist/3dcab09d681bdf5abc69/rm/rm-index3dcab09d681bdf5abc69.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:400:b:9517:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 668dcb2c4d2044ef74d88bb7c754888bbdf92e84b6a5f2607cbc146b70ce93c3

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 21:07:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
etag: W/"0018e3d500dd7ebc3fc8f1e319016af6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 04033844f25f5e47de102de77d8b5f4d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: RcT1CD59HJIqJEQxRAIpiPdv8Ni9xwQ7jDq9T26xB21neC-0XOy8og==

GET
H2 200 8a9cc880-b718-4f5e-8781-24bfb030a678.jpg
www.wtvm.com/resizer/PCT5fCNCr7wGR7PHpbvRqkA9ug8=/1400x0/s3.amazonaws.com/arc-authors/raycom/ 235 KB
236 KB 25ms
24ms Image
image/jpeg 2a02:26f0:6c00::210:badb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wtvm.com/resizer/PCT5fCNCr7wGR7PHpbvRqkA9ug8=/1400x0/s3.amazonaws.com/arc-authors/raycom/8a9cc880-b718-4f5e-8781-24bfb030a678.jpg

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:badb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

710a513b42662c67ce117f4fd633e6a2dd3fcbc86f2e29156cc780db2be77c2e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Request headers

:path: /resizer/PCT5fCNCr7wGR7PHpbvRqkA9ug8=/1400x0/s3.amazonaws.com/arc-authors/raycom/8a9cc880-b718-4f5e-8781-24bfb030a678.jpg
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.wtvm.com
referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
last-modified: Tue, 20 Apr 2021 20:53:43 GMT
server: Akamai Image Manager
etag: "26818006c332d397aaf8aa24f7eea334f764f053"
strict-transport-security: max-age=86400
content-type: image/jpeg
x-edgeconnect-cache-status: 1
cache-control: private, no-transform, max-age=28275606
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=10
content-length: 240517
expires: Wed, 20 Apr 2022 20:54:20 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MJDX5W2&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 442
date: Fri, 28 May 2021 14:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 28 May 2021 16:26:52 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automot...
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automo...

64 B
329 B

34ms
33ms

Image
image/gif

13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&c7=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&c9=
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: t2RmMFd4IvruntJhf7Y_F3sFhg2ShTlQcDq9Nx0AqHxnTBHVyhzkew==

Redirect headers

date: Fri, 28 May 2021 14:34:14 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1622212454775&ns_c=UTF-8&cv=3.5&c8=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&c7=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&c9=
content-length: 357
x-amz-cf-id: V_qP4-5Uew9T0RSSouJ9JLlZ83QUxz3zVzJ5uRZDckLWMnzlRBNX4g==

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 362C 610 B
992 B 30ms
29ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1622034858.122559"
last-modified: Wed, 26 May 2021 12:53:20 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Fri, 28 May 2021 14:34:14 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622212454~rv=22~id=218448974155ea2b7673f7e2ac87225a; path=/; Expires=Fri, 28 May 2021 14:34:14 GMT; Secure; SameSite=None

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/118849/ 93 KB
13 KB 41ms
41ms Stylesheet
text/css 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/118849/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 9335eafdaee7dc4b18ecf6497d1cff75f36cf675c79ab059ddc1c195dda5cf33

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: br
last-modified: Fri, 28 May 2021 14:25:19 GMT
age: 455
etag: "9d920d04b5a7886d2b02686681adc4e8"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 13097

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 60ms
15ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.wtvm.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.wtvm.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 665ms
664ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1105435277463720&correlator=631507629416091&output=ldjh&impl=fifs&eid=31061298%2C31061311&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210528&iu_parts=63316753%2Cwtvm%2Cweb%2Cnews%2Ccrime&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Da%26cid%3DMTHRCXN6TVAI7LOFRYGZ23YYNQ%26posn%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622207498&dt=1622212454876&dlt=1622212454478&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=99&adks=3241713328&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0&msz=970x0&ga_vid=191645108.1622212455&ga_sid=1622212455&ga_hid=1131530206&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

296097c605159eed06e488ed1f5e96feb1c34796df23fb3017208a11b004cd16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7279
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 30ms
13ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 7ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 12 KB
7 KB 1576ms
1576ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1105435277463720&correlator=631507629416091&output=ldjh&impl=fifs&eid=31061298%2C31061311&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210528&iu_parts=63316753%2Cwtvm%2Cweb%2Cnews%2Ccrime&enc_prev_ius=0%2F1%2F2%2F3%2F4&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Da%26cid%3DMTHRCXN6TVAI7LOFRYGZ23YYNQ%26posn%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622207498&dt=1622212454917&dlt=1622212454478&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=149&adks=989044126&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=399x0&msz=300x0&ga_vid=191645108.1622212455&ga_sid=1622212455&ga_hid=1131530206&ga_fc=false&fws=4&ohw=1300&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

de5d65bf02bbd4973d2a3a42587af8ca9ad5776a5d42f09d5d2f8cb7959ec613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7344
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 449 B
263 B 67ms
67ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1105435277463720&correlator=631507629416091&output=ldjh&impl=fifs&eid=31061298%2C31061311&vrg=2021052401&ptt=17&sc=1&sfv=1-0-38&ecs=20210528&iu_parts=63316753%2Cwtvm%2Cweb%2Cweather-widget&enc_prev_ius=0%2F1%2F2%2F3&prev_iu_szs=120x30&prev_scp=pt%3Dweather%26posn%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1622207498&dt=1622212454919&dlt=1622212454478&idt=383&frm=20&biw=1600&bih=1200&oid=3&adxs=1224&adys=394&adks=2056184450&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=120x0&msz=120x0&ga_vid=191645108.1622212455&ga_sid=1622212455&ga_hid=1131530206&ga_fc=false&fws=4&ohw=399&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

73e7fe189c666f6823df876991d8ed22d9747b5bf2fac679d36fb8f7010aeae2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
13ms XHR
text/plain 2a00:1450:4001:831::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1131530206&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&ul=en-us&de=UTF-8&dt=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1430472004&gjid=2095313846&cid=191645108.1622212455&tid=UA-22223248-32&_gid=2116335452.1622212455&_r=1&gtm=2wg5q1MJDX5W2&cg1=wtvm%2Fweb%2Fnews%2Fcrime&cg2=story&cg3=wtvm&cg4=MTHRCXN6TVAI7LOFRYGZ23YYNQ&cd1=2018-12-13T16%3A58%3A33.327Z&cd2=13&cd3=12&cd4=2018&cd5=story&cd6=1&cd7=Crime&cd8=wtvm&cd9=wtvm&cd10=MTHRCXN6TVAI7LOFRYGZ23YYNQ&cd11=wtvm%2Fweb%2Fnews%2Fcrime&cd12=Arc%20Feature%20Pack&cd13=Alex%20Jones&cd14=An%20Auburn%20woman%20has%20been%20arrested%20after%20allegedly%20stealing%20%2450%2C000%20in%20funds%20from%20the%20company%20she%20worked%20for.&cd15=&cd16=Fri%20May%2028%202021%2016%3A34%3A14%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd17=%2B02%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd19=Auburn%20woman%20arrested%20for%20stealing%20%2450K%2B%20in%20company%20funds%20from%20automotive%20supplier&cd35=raycom&cd36=staff&cd37=&cd38=&cd39=&cd40=default&z=1991675337

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 389ms
98ms XHR
application/json 64.202.112.159
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1622212454938&sessionId=5c06f925-d0b1-baff-7e39-51a0fa33a007&url=www.wtvm.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 14:34:15 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 33f339a45bdcc89adbced5e131ff9744
Content-Length: 4
Expires: 0

GET
H2 200 raycom.js Show response
d3mo2m0b34ee8e.cloudfront.net/prod/org/ 74 KB
21 KB 47ms
46ms Script
application/javascript 2600:9000:20c3:400:b:9517:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/org/raycom.js?org=raycom
Requested by: Host: d3mo2m0b34ee8e.cloudfront.net
URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/powaBoot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:400:b:9517:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87f0d9ad71aa1896ee5af35470e8893b2da0317018bdeaf0026da2bc7217f3be

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:14 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 21:07:40 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
etag: W/"ca5cd8dc7a1f32986ceea5cbb1880f57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 04033844f25f5e47de102de77d8b5f4d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: wWA9YNwc0ilQ6FCpSzgxlis4QPUMOzWw3z2TYuBtDNISH_THNkO4_g==

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 6532 121 B
421 B 462ms
123ms XHR
multipart/form-data 3.14.176.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=118849
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.14.176.219 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-14-176-219.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 859b3a8827bf7ba22afb6eaf838857e14468c8bdde33866620671c810b4172e4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Fri, 28 May 2021 14:34:15 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.wtvm.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 147

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
83 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-22223248-32&cid=191645108.1622212455&jid=1430472004&gjid=2095313846&_gid=2116335452.1622212455&_u=YAhAAEAAAAAAAC~&z=2086485419

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 28 May 2021 14:34:15 GMT
content-type: text/plain
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powaDrive.js Show response
d3mo2m0b34ee8e.cloudfront.net/prod/ 271 KB
70 KB 20ms
20ms Script
application/javascript 2600:9000:20c3:400:b:9517:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/powaDrive.js?org=raycom
Requested by: Host: d3mo2m0b34ee8e.cloudfront.net
URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/powaBoot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:400:b:9517:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4fd3de63ec2811cf834073e17f405092a258ce39f624e88aaeeae9bb0e92ae9c

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 21:07:38 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
etag: W/"3301ffdc563fbfadc72e851b8c712262"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 04033844f25f5e47de102de77d8b5f4d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: zLQEq_d7e8EEcpLJmGkkio9x1Bw-C0P6WO9rQcESuvbsG8-x0hxhTw==

GET
H2 200 findByUuid Show response
video-api-cdn.raycom.arcpublishing.com/api/v1/ansvideos/ 7 KB
7 KB 401ms
338ms Script
application/javascript 13.226.159.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://video-api-cdn.raycom.arcpublishing.com/api/v1/ansvideos/findByUuid?uuid=8e4b1333-7005-4951-b161-ec719981c366&cb=powaCallback8e4b133370054951b161ec719981c366
Requested by: Host: d3mo2m0b34ee8e.cloudfront.net
URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/org/raycom.js?org=raycom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-54.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 0f846ea093794d51d97e952b7825b2eda7d967629e45e0d611fb3735318172a5

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
via: 1.1 e542677c3bd2d6c30a5ed3dab78f8476.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
content-length: 7110
x-amz-cf-id: X8NTKgImW8pL7bOStdAh3VkWLT7Swf1WLmRFW_Jt0y9XUMwD__CemA==

GET
H2 200 Bnupv Show response
ad.doubleclick.net/ddm/adj/Agniz/ 11 B
769 B 93ms
35ms Script
text/javascript 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Agniz/Bnupv

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 4D66 3 KB
1 KB 16ms
14ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Fri, 28 May 2021 11:53:37 GMT
expires: Sat, 28 May 2022 11:53:37 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 9638
cache-control: public, immutable, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 get Show response
odb.outbrain.com/utils/ 32 KB
11 KB 378ms
323ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&idx=0&rand=73666&key=NANOWDGT01&widgetJSId=AR_8&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=229&py=1179&vpd=0&cw=770&settings=true&recs=true&version=2000361&sig=LSBM2taP&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 1da5edbf2654621748c13e6c92d53819859a677156ba148667371ac751558fc3

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.81
x-cache-hits: 0, 0
x-traceid: 23849002ad0f22d8fd970add5c6c081
content-encoding: gzip
content-length: 10484
x-served-by: cache-mdw17381-MDW, cache-hhn4057-HHN
x-timer: S1622212455.398999,VS0,VE298
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 cloudfrontVideoTracker.png
d1d3jupgwm7m5r.cloudfront.net/prod/ 95 B
410 B 44ms
10ms Image
image/png 2600:9000:21a1:9800:1b:7b40:7bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1d3jupgwm7m5r.cloudfront.net/prod/cloudfrontVideoTracker.png?org=raycom&event=powaRender&uuid=8e4b1333-7005-4951-b161-ec719981c366&timestamp=1622212455479
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21a1:9800:1b:7b40:7bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 09:39:27 GMT
via: 1.1 d13bba4e84358ea24a28ff509b72784e.cloudfront.net (CloudFront)
last-modified: Mon, 06 Aug 2018 14:48:43 GMT
server: AmazonS3
age: 17688
etag: "60cf42b4d05caf10cf8bb15c0817a7b4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: MUC51-C1
accept-ranges: bytes
content-length: 95
x-amz-cf-id: sck5XrfoclT0v3NZwRMk-HwJHbHzUanrIVO4Vca4w-hvSbaz9_qDQg==

GET
H2 200 hls.min.js Show response
d3mo2m0b34ee8e.cloudfront.net/vendor/hls.js/0.14.5/ 233 KB
71 KB 27ms
27ms Script
application/javascript 2600:9000:20c3:400:b:9517:e380:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3mo2m0b34ee8e.cloudfront.net/vendor/hls.js/0.14.5/hls.min.js?org=raycom
Requested by: Host: d3mo2m0b34ee8e.cloudfront.net
URL: https://d3mo2m0b34ee8e.cloudfront.net/prod/powaDrive.js?org=raycom
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c3:400:b:9517:e380:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 14:02:42 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-C1
etag: W/"8160976fb63964ec8b320b36b2f355fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000,immutable
x-amz-cf-id: DkPcyHeZmhyI6bXy-W-HrfW_tsbcyZi4HZ-_OVsx0AdzOMCx54X3RA==
via: 1.1 04033844f25f5e47de102de77d8b5f4d.cloudfront.net (CloudFront)

GET
H2 200 t_7ef5e4188f944b4ab46a28a1574282ce_name_file_1280x720_2000_v3_1_.jpg
d1acid63ghtydj.cloudfront.net/12-14-2018/ 52 KB
52 KB 99ms
32ms Image
image/jpeg 13.226.156.224
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1acid63ghtydj.cloudfront.net/12-14-2018/t_7ef5e4188f944b4ab46a28a1574282ce_name_file_1280x720_2000_v3_1_.jpg
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.156.224 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-156-224.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 00658b09a1644aa45a6f86fb45da1ab8dc225d116e07c36e87344098a8098c22

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:09:15 GMT
via: 1.1 dfeaf865724e57eaac72220929416926.cloudfront.net (CloudFront)
last-modified: Fri, 14 Dec 2018 02:35:44 GMT
server: AmazonS3
age: 1501
etag: "d827f843f08cdc362d59f0055aca5995"
x-cache: Hit from cloudfront
content-type: image/jpeg
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 52908
x-amz-cf-id: TbVy1C9S7WonCGACYC1hK7LlJHBNOds6U8XbSR5pc9CkcAnrK3ppag==

GET
H3-29 200 container.html Show response
c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C385 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 28 May 2021 14:34:14 GMT
expires: Sat, 28 May 2022 14:34:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
27 KB 30ms
21ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028727180027"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27990
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:15 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C212 624 B
455 B 17ms
16ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkizIDX9A8n7pIGW8uuDU0oiVAkMaLv5QeCvLkY8w_aAv_Do5KM6M5isqbu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 May 2021 14:34:15 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 14:34:15 GMT

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C385 63 KB
24 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaGHXVf725AlesLFPfrNqj1YCSlcR-d0ZbxVJdnzZnWUh9RxPnPeq-HlPt37kCGXAMCl80b6J4Fnlykm2cKJnauOiigdJbHS9nbQFMV3ZlNrxk5NC8VuNw6sfinatXg6hr7R6VnzhKlUNvLEOJBmCJ3X8qZA&dbm_d=AKAmf-Bl_mbgGS-dGAf5jUGIm8Ab07b0oXzgd7AWzqMSWpa7kMDmDIwoYeajG8QwS2DfTtUKjloty-z1DAD2QXQx8qeUC6wuV-Quc20ZqxYlVN63uws8M2n6YjI3MEsPEnaCUX3h9FCyfk9cThLZtQInZ0t3qg_35usX90EWSJGflnM0NzeOlLq4dxYq6lJVb2Qk794GGdMEte9pdgLnvIFOlnvtSbrK2r4kuvvk4KPEBHBA8onqR25kEXAksSaT8tfZZkkkaW7omvk124JbzSJqMEXHPvDIcnB_01ai-C8YfYKTLh8a0WLQguX80QlcJx8AVXPBAxssoG0Q1OBrrrG-P7ZdpG1TugJmfjzAJuJbR8EvBvpy-f46MgpwYx5gb8k8Z3umg8kcKDUvYeJgZaqoSDRQIC6DHHzzJ3crB_CTDgq5KKuBH6kCjWR45dZ1xiROasLLSnqK0uz3b2yRT0WsmgaqwzOlnEZ6W-x0BV8pWFIKOtOPzMnMr4N6xLfBuOm24tSyVPNmDWOnlhiBIwLtM6-jO-Ebd4XbvzwaOy_uM8WWY0RR8h4Ug6CnsncHEQuTJeC0DU_cyiSIVCBakbZYJ0y0vt4ifaW9FVQhQI3vaQl2tr1iX5fWwt51KQ5ksME0ZVCuLZaL5qs8Qwn1SjAZwaC0NJwPKDHqdDBL_PjhF5ONlN5NZcNbpsW_QdbdngabW5rX-QU5WgU7WxxLLQUGrArnC3Yp4h5cNOCCRpulch_LyDY2IsuZxWJhObMyGcIUyOLFudpHNE8uZ2cCloNNo1hVvUxzLXJsQzAnW4gom3xLIQD_YxS68xl0LJJKLGCxLo_fypFk5G-_lzJgagpk_g_oSy_E0Ii8euev2YvRuboeHMWP1Z_styNWwTPKwKRUai1B9MA8A0D11i7TRV6_gZq2SUX5cTXeyqqWtp6h_3D4yVyuT7NEkod29yCDK1TwvEpbQeWyoXWKZ4rOFUJAihfwxMTlM_o7k2A-rDD-T1RgHCs4la8OnG_YTlE8hE6HyL2GoBARrkWD3YEV9T2pWDS2diXQU9H3rBiY75-knIVOIPMEMvqowUnmTGtoN_bRa_aHj2YgMBgKfkqC3-hjac6c4gVyKGFOhToHBZErf57qV-wkcQL9Na1ojoFmKiRZgPIB7ikVOnhIaqshBg8IBqRG_DC5dcJwbYNHkQMy9Qg0HH5bRBMqnAOdB8N5b8N5FVv2SNZjDufev8bmzU8H7DwQow2tIfyrxXw3DkBUrIULvHiFw4pQ5R8oxsbyl3yvpKxpaPD8_wpmDTbGCPT8BOa-vaaGRXIXonHy329_1ddb4kcsJUiSffV9ZWnZcOHbk0rKezHuoZARIArYNZlgghPHxLW3TFzLLHHKx2wCyLME2p3ay9gBqFaSqWhGlZNd62I9D-klxdDebEI6FcEiGjD-Gv5z5UyBLyZyDtm2P112FiDA5c0XMItaWShDTXOWYydQQYvUSTlqp7hAR0FSzKNtLo-89s78FKPG07NUPzA0QkKI94nKPF7XWxTV1AeEL1zixFelDsi7yKkpxS-w3tQ0MH5FOdA15sZSYfvCceDQaZ0TeDrJMrmPcEvxFyQrLrJrf08IkL-nd7rgKMNrbb0AC8sJ3axTxdGSgJWyy_jCdJDNUKqqyYJQI_GQ1fJNl48qS7Xvd2bAvfZbnWU386N8S6Bdh5yKZnwcQ81GkI9JztfbGLvT6x_tRJvLefzoXZQWJhfc3Kq5NAk9VsctoiqwWbrwhICUxcmqLw_6HoQlRO6jh-rSRdWsGhkdoJlRaDcEoK3DW_DPp8ZgJR80Y2jyeyu-o3wrVnTK_tUEMda6CZCsNylpf9nrjHVHprezMWZJwrKJQQqp8pQTnVbunJUstBlE-ndWp4qJ9WFZD6LNi8kN9refcPbQen3vLHb8il-l-MkWr3ha-muLTXepxE5Xt4eu91M8gCkR7joi6lO1pINqsgktz-kWVfsyDeX5gnJ65hxadUxG42fALLpYCx--oiu2oDe2LRpKgE1ihFxbXVmxWfs3txHj-e_j4BNrq66qRu9NqOwrY-Ij-NdSJOlgPOwtMfOTMNbokgu4U54n87DnWTSppbkwyZSM3vPWfnJa5zd2VGt1nZDK6CSKVHEqLb2NAHZXalJ9izShu4I5Ove6jNlDEh6hAK5CqVMzS_VdrDIvNjbMGDzey-Be-kbojMQ_4iag57N2rRPJ77xWNwhgzX3FouEeo1ML7rE5bMWNkvOZ60HlwDAo4dHl750YgUIWScmuyrSiHgAYnX20Pac76gHa4tDFLo3Xeb4WpJ7grjPkPx8Xo3ysUGd5zETuACGMN2CjDnPL3VwMJh1jOkj55dN3VV3PNszI8xnlH4KIsGxKG9K8ZRvz393gRZoeYCUDA_RiWIEKqscn8EwHiZ4mp011vKnDSr5JKhuzEvXJ1AtVNP9F4iJc4TAPAh1wmKfGIQEbNZrX4M-QGvGFU6BexzMIaZzhMj8od8g-jmXTfVczkGugRNtAeLgIWofvT8mIf0M3StMu3fDu1U92j5AhVXDowPzCWiJXrMRnEDFPPNQIkjZHfLa2gnlYMX590rKg3FqVFimBlfI3fwRKVqBbSPK6teTaTXA6sYGpc9YOjR9S6de4wI4NxAdJcZYL54cVN-T7k7n18fTGUEdQnNqj9CvFTKUVZxdmeifsebXCeYXNKS4eNltRi2n91Vl83P7PanZN8j3EUf6DigWMRk9BkNYJu1IlHpQTrT_f2ZX6BIKIHrQnR4SeKjdarEklPcm8ysMoL8fbp4glTCIapwUprdtoCYZkYfwYz85ozM9W7cwee3FO_j7skCPZNJ-KmPBn_fqGDXU7Op9OkidU5bUkFkPtV9FxC0TubGr9YGaRwz5nfQEchNpsQ8DX9mHT03372JHW4XXEmaGTm2kOkCzCFWgVbvYwmdN7rmGOAUMFzFMlVWXH3nE6IVa285ZO4HjrAcb-JcPXiNkXYzLCM3-nUZK1ftH7MKa56Noe5JvLdvfxCy5WE6OOdfYWRxb55BDlM2B31ooN6vtkwte0aHvjuBM9OXj7lkhqze5_lqfGKUfdoTAqwhgeMw38LtMiie4F7er37XtNb0MjWfUuEz41v9MjqM9-1s0XzY76CN3c8OXd31Gow0TCWa88Y_O_XxBR7sVfdNXh8e7INMnvU4TTWGqLiVFxmMI1ggIQ59eqMG7p&cid=CAASPeRo-KHFs8JgeIe9bz9-E8mHVUbW-DuVpcpMlL0AvZWxCyDmxV_kqcCTni6ozpJOEQcKNHnnId005CvSZsU&rfl=1%2Chttps%253A%252F%252Fwww.wtvm.com%252F%240

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6987f1fe127dac0f67f325dd79ed8be6b811bd663f44fd7430c1e212655ce061

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24593
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C385 42 B
110 B 40ms
39ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CfbyuD1MdRMs8H35-0Ndf_bySB3VXoYuonmokApumpFkCYct-Vzsm9Ai8Ysakm8bduLU0lFgWPJaoRrIxuqXtFZ6LiU-Amvdu_HBr-5wIurEZpuHI

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame C385 2 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 373
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:28:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C385 121 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:15 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame C385 13 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:34:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C212
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1

43 B
1014 B

70ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 14:34:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 May 2021 14:34:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame C212
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YLD-Z7hdj-hqvIfp.kio4AAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1&google_hm=2

43 B
894 B

35ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 14:34:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 28 May 2021 14:34:15 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAIue4MH7_6mGsGQYc0y0Tc&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame C212
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEDGy6maJk1_5TuzFhCVjwuI&google_cver=1

43 B
1018 B

52ms
26ms

Image
image/gif

37.252.172.45
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEDGy6maJk1_5TuzFhCVjwuI&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CK-hNBDg0zcYzImlnQEwAQ&v=APEucNUcInMuR-LzjgleJt87cwAZhH9MeeFw3wqrDIGWQWO4SA_qZiZyB7ZONSd4JR1XbaOsIdeY9qzYlcGCDXXKHB5iH1D5IY2eJ9vurQcf7Xg7yGCuUxmOpidjbKsXYakw-SED-VoJGpUtjZGDkBsQ_LchNIkoUW9l1W_fBaaHhsTHBhrjHhY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.45 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 May 2021 14:34:15 GMT
X-Proxy-Origin: 159.48.55.6; 159.48.55.6; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.71:80
AN-X-Request-Uuid: e7af1c9b-57b9-48a2-85e6-c43a4c755b47
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEDGy6maJk1_5TuzFhCVjwuI&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame C212
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNDQwMzIyNzY5ODY1ODYwMQ%3D%3D

170 B
188 B

69ms
36ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNDQwMzIyNzY5ODY1ODYwMQ%3D%3D

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 28 May 2021 14:34:15 GMT
X-Proxy-Origin: 159.48.55.6; 159.48.55.6; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.249:80
AN-X-Request-Uuid: 2ea9bcc1-ebff-4ee6-9abc-3787a6c16a72
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTYxNDQwMzIyNzY5ODY1ODYwMQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame C385 176 KB
61 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82090
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 15:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame C385 8 KB
3 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CaGHXVf725AlesLFPfrNqj1YCSlcR-d0ZbxVJdnzZnWUh9RxPnPeq-HlPt37kCGXAMCl80b6J4Fnlykm2cKJnauOiigdJbHS9nbQFMV3ZlNrxk5NC8VuNw6sfinatXg6hr7R6VnzhKlUNvLEOJBmCJ3X8qZA&dbm_d=AKAmf-Bl_mbgGS-dGAf5jUGIm8Ab07b0oXzgd7AWzqMSWpa7kMDmDIwoYeajG8QwS2DfTtUKjloty-z1DAD2QXQx8qeUC6wuV-Quc20ZqxYlVN63uws8M2n6YjI3MEsPEnaCUX3h9FCyfk9cThLZtQInZ0t3qg_35usX90EWSJGflnM0NzeOlLq4dxYq6lJVb2Qk794GGdMEte9pdgLnvIFOlnvtSbrK2r4kuvvk4KPEBHBA8onqR25kEXAksSaT8tfZZkkkaW7omvk124JbzSJqMEXHPvDIcnB_01ai-C8YfYKTLh8a0WLQguX80QlcJx8AVXPBAxssoG0Q1OBrrrG-P7ZdpG1TugJmfjzAJuJbR8EvBvpy-f46MgpwYx5gb8k8Z3umg8kcKDUvYeJgZaqoSDRQIC6DHHzzJ3crB_CTDgq5KKuBH6kCjWR45dZ1xiROasLLSnqK0uz3b2yRT0WsmgaqwzOlnEZ6W-x0BV8pWFIKOtOPzMnMr4N6xLfBuOm24tSyVPNmDWOnlhiBIwLtM6-jO-Ebd4XbvzwaOy_uM8WWY0RR8h4Ug6CnsncHEQuTJeC0DU_cyiSIVCBakbZYJ0y0vt4ifaW9FVQhQI3vaQl2tr1iX5fWwt51KQ5ksME0ZVCuLZaL5qs8Qwn1SjAZwaC0NJwPKDHqdDBL_PjhF5ONlN5NZcNbpsW_QdbdngabW5rX-QU5WgU7WxxLLQUGrArnC3Yp4h5cNOCCRpulch_LyDY2IsuZxWJhObMyGcIUyOLFudpHNE8uZ2cCloNNo1hVvUxzLXJsQzAnW4gom3xLIQD_YxS68xl0LJJKLGCxLo_fypFk5G-_lzJgagpk_g_oSy_E0Ii8euev2YvRuboeHMWP1Z_styNWwTPKwKRUai1B9MA8A0D11i7TRV6_gZq2SUX5cTXeyqqWtp6h_3D4yVyuT7NEkod29yCDK1TwvEpbQeWyoXWKZ4rOFUJAihfwxMTlM_o7k2A-rDD-T1RgHCs4la8OnG_YTlE8hE6HyL2GoBARrkWD3YEV9T2pWDS2diXQU9H3rBiY75-knIVOIPMEMvqowUnmTGtoN_bRa_aHj2YgMBgKfkqC3-hjac6c4gVyKGFOhToHBZErf57qV-wkcQL9Na1ojoFmKiRZgPIB7ikVOnhIaqshBg8IBqRG_DC5dcJwbYNHkQMy9Qg0HH5bRBMqnAOdB8N5b8N5FVv2SNZjDufev8bmzU8H7DwQow2tIfyrxXw3DkBUrIULvHiFw4pQ5R8oxsbyl3yvpKxpaPD8_wpmDTbGCPT8BOa-vaaGRXIXonHy329_1ddb4kcsJUiSffV9ZWnZcOHbk0rKezHuoZARIArYNZlgghPHxLW3TFzLLHHKx2wCyLME2p3ay9gBqFaSqWhGlZNd62I9D-klxdDebEI6FcEiGjD-Gv5z5UyBLyZyDtm2P112FiDA5c0XMItaWShDTXOWYydQQYvUSTlqp7hAR0FSzKNtLo-89s78FKPG07NUPzA0QkKI94nKPF7XWxTV1AeEL1zixFelDsi7yKkpxS-w3tQ0MH5FOdA15sZSYfvCceDQaZ0TeDrJMrmPcEvxFyQrLrJrf08IkL-nd7rgKMNrbb0AC8sJ3axTxdGSgJWyy_jCdJDNUKqqyYJQI_GQ1fJNl48qS7Xvd2bAvfZbnWU386N8S6Bdh5yKZnwcQ81GkI9JztfbGLvT6x_tRJvLefzoXZQWJhfc3Kq5NAk9VsctoiqwWbrwhICUxcmqLw_6HoQlRO6jh-rSRdWsGhkdoJlRaDcEoK3DW_DPp8ZgJR80Y2jyeyu-o3wrVnTK_tUEMda6CZCsNylpf9nrjHVHprezMWZJwrKJQQqp8pQTnVbunJUstBlE-ndWp4qJ9WFZD6LNi8kN9refcPbQen3vLHb8il-l-MkWr3ha-muLTXepxE5Xt4eu91M8gCkR7joi6lO1pINqsgktz-kWVfsyDeX5gnJ65hxadUxG42fALLpYCx--oiu2oDe2LRpKgE1ihFxbXVmxWfs3txHj-e_j4BNrq66qRu9NqOwrY-Ij-NdSJOlgPOwtMfOTMNbokgu4U54n87DnWTSppbkwyZSM3vPWfnJa5zd2VGt1nZDK6CSKVHEqLb2NAHZXalJ9izShu4I5Ove6jNlDEh6hAK5CqVMzS_VdrDIvNjbMGDzey-Be-kbojMQ_4iag57N2rRPJ77xWNwhgzX3FouEeo1ML7rE5bMWNkvOZ60HlwDAo4dHl750YgUIWScmuyrSiHgAYnX20Pac76gHa4tDFLo3Xeb4WpJ7grjPkPx8Xo3ysUGd5zETuACGMN2CjDnPL3VwMJh1jOkj55dN3VV3PNszI8xnlH4KIsGxKG9K8ZRvz393gRZoeYCUDA_RiWIEKqscn8EwHiZ4mp011vKnDSr5JKhuzEvXJ1AtVNP9F4iJc4TAPAh1wmKfGIQEbNZrX4M-QGvGFU6BexzMIaZzhMj8od8g-jmXTfVczkGugRNtAeLgIWofvT8mIf0M3StMu3fDu1U92j5AhVXDowPzCWiJXrMRnEDFPPNQIkjZHfLa2gnlYMX590rKg3FqVFimBlfI3fwRKVqBbSPK6teTaTXA6sYGpc9YOjR9S6de4wI4NxAdJcZYL54cVN-T7k7n18fTGUEdQnNqj9CvFTKUVZxdmeifsebXCeYXNKS4eNltRi2n91Vl83P7PanZN8j3EUf6DigWMRk9BkNYJu1IlHpQTrT_f2ZX6BIKIHrQnR4SeKjdarEklPcm8ysMoL8fbp4glTCIapwUprdtoCYZkYfwYz85ozM9W7cwee3FO_j7skCPZNJ-KmPBn_fqGDXU7Op9OkidU5bUkFkPtV9FxC0TubGr9YGaRwz5nfQEchNpsQ8DX9mHT03372JHW4XXEmaGTm2kOkCzCFWgVbvYwmdN7rmGOAUMFzFMlVWXH3nE6IVa285ZO4HjrAcb-JcPXiNkXYzLCM3-nUZK1ftH7MKa56Noe5JvLdvfxCy5WE6OOdfYWRxb55BDlM2B31ooN6vtkwte0aHvjuBM9OXj7lkhqze5_lqfGKUfdoTAqwhgeMw38LtMiie4F7er37XtNb0MjWfUuEz41v9MjqM9-1s0XzY76CN3c8OXd31Gow0TCWa88Y_O_XxBR7sVfdNXh8e7INMnvU4TTWGqLiVFxmMI1ggIQ59eqMG7p&cid=CAASPeRo-KHFs8JgeIe9bz9-E8mHVUbW-DuVpcpMlL0AvZWxCyDmxV_kqcCTni6ozpJOEQcKNHnnId005CvSZsU&rfl=1%2Chttps%253A%252F%252Fwww.wtvm.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:33:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame C385 22 KB
8 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
server: cafe
etag: 7365582700020686358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:33:59 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 8 KB
1 KB 25ms
23ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5415a20bbd8f925ad001d755edc081491ccc572d6b9fe62c6525f1df7cf76ae1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1212
date: Fri, 28 May 2021 14:34:15 GMT
expires: Sat, 29 May 2021 14:34:15 GMT
cache-control: public, max-age=86400
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C385 0
575 B 125ms
66ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstmnWfPHuN1kGePqCUoEDHBO2hdz1IvTOOQS9MkvMSYOhgmE8JPIsF6zZ95jFjC7gwOXcrlRA5gcsmJYO-XpZT4Hhm1CZBwa1pO5pQqGDS-msYtMYmcSX3idEu3jx00S3i-c8ATa9PqQA1miFTXQ8qE32bDecvyKaktfa5Di4VVkz4_2JkPx5pXRz1WYT-DBy8DRdft0XfXg2lEY11irwGe7bBNXSWQ35yUOJATaY0vaHLJaedxjCC0F6MSB335eYYmhANsJtiwqMsMfZhVSK5HnpvkIAWD0rqwuf3BvnWbb4V0Mh3onYH4JL_t14bNajygBocZPWjfb0Q268kHQW-FLGrW9h_FEaEbp0ckwyALr1RzlXXemLql4Hjkc0qQNp4edtcHdNL1EYl69F1l_aWTisKDN8JQ7t_qMadceJqbXEhwXIxbxWmr8WlSN7zkm1R73kqqnTndVmYHzlGn0QBJSdmTwG8vlu6RjD8pRgbaGG5ryGoJz1jim5WjDPZRI0wHEV1HIL3KDH5N8xE-Hulc5X3rUTknEQslpRRmkNRbd2TeYnwU-t3ZzdH12gXCCwfAO9B6YeJYWczyI_Da27RnsXe_eE6YaSyq4mWcdN862Pf4NRT4L4EgGYxHqp6piGHeCHD_q-fDkGaAQNdGJrZNgjR3ivjcG8A0gzxdegHSm8dZeeS6pGNOaAKP8IF3DTDcy68-X46TIulA0D464d97PdecLsCU89Mnh21g4pODcIkrtANqByBYHx0DIgFUAM8_DKEe-tLSmiS77eDJg01auqx8FzWxOgkqNyzRcjbsEV9qX3iaqmF2emVAis0SdhUWNdDGN4GZxqYehe11GRMDjhNVCYmHwpnAg3bYrO8bO5e36VDdzJ2DwTc-ZNs6dzAmRyCxPEmoXebFwQcGGsmsyMZbMw0353LG67GLHgHM5yuYRG9ubat4nH8jgmapyyD141275OpK3NIy9NIUWoFUC6nE6HtzFxagitQOeTBzsJORFjjGs-2arpm5Sx9y_Jfd-GbmBmuihizu5VDrJX92yJJTHSr3ry8AK5cOv7xR0Gqsxx8722IzqYrCj227gNCZXPyWSDFjtf2BW-nt7QxP5_NyAInmFdci9pCOX9KX_lJkWOF31kJ6pmSr4yD9q0shVnU2jdCnQz4UWg1nDdbnu2U&sai=AMfl-YQild8hNC2s9uIl_qWDkJ4zgXwA51AfK5-WntMj_ouhfrhbPl-hCnGz3WUbNo5n_zU5TUbu0r4kKig0vAP8ZJrYrjVfcj5uXgJrP6xAJehCAO1hfL97qATrP8J7SfBoAohe_B_OUuKG3mgK8Ndw7ptuUw6idavc4ek-l44zsz57xmRh8D7bQOmpFgmMbdF4yuQdtPvRX6_uhGHg-aVah7Em2lK1w3WDZAhoflviKjMLdAafic3458AolRG1WTZa&sig=Cg0ArKJSzBcm3DM-bq3jEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=31&cbvp=1&cstd=26&cisv=r20210524.67002&adurl=

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 May 2021 14:34:15 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 pixel.gif
opt.objectiveportal.com/ Frame C385 35 B
527 B 121ms
35ms Image
image/gif 195.201.152.90
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://opt.objectiveportal.com/pixel.gif?customer=WEH&brand=WEH&domain=NL&process=banner&campaignid=25026030&placementid=295706764&gdpr=&gdpr_consent=&gdpr_pd=

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

195.201.152.90 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.90.152.201.195.clients.your-server.de

Software

nginx /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors *.objectiveportal.com objectiveportal.com
Strict-Transport-Security	max-age=63072000; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:15 GMT
referrer-policy: strict-origin-when-cross-origin
server: nginx
etag: ac95de2a-c601-498d-934b-cd0c2d2e1056
x-frame-options: DENY
content-type: image/gif
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors *.objectiveportal.com objectiveportal.com
strict-transport-security: max-age=63072000; includeSubdomains
content-length: 35
x-content-type-options: nosniff

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 40ms
39ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Sun, 27 Jun 2021 14:34:15 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 45ms
44ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Sun, 27 Jun 2021 14:34:15 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 498ms
126ms Fetch
text/plain 64.74.236.191
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=5e5bc1b2527040063fe71497d02a0742_2797_1622212455630&tm=1002&eT=0&widgetWidth=770&widgetHeight=762&widgetX=230&widgetY=1270&tpcs=0&wRV=2000361&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
X-TraceId: 31d97867de41c55f7f6f88edb0ea98c8
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 9CA1 16 KB
6 KB 31ms
31ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "978c043087ae13e54442ade6ea7cf2e1:1621941737.600191"
last-modified: Tue, 25 May 2021 11:22:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Sat, 29 May 2021 14:34:15 GMT
date: Fri, 28 May 2021 14:34:15 GMT
content-length: 5461
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1622212455~rv=43~id=b2702886e31482058dbce3d53ec6b4c1; path=/; Expires=Fri, 28 May 2021 14:34:15 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000361/module/ 53 KB
18 KB 38ms
38ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000361/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: c751558042cd242729945cadeca90d2513d71ae7811992be768a07751266fa0a

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 12:53:20 GMT
server: AkamaiNetStorage
etag: "fb72f6a69adbce506f05d59b699bcc5f:1622034778.651015"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 17520

GET
H2 200 get Show response
odb.outbrain.com/utils/ 34 KB
15 KB 399ms
399ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&idx=1&rand=96204&key=NANOWDGT01&widgetJSId=AR_9&va=true&et=true&format=html&pdobuid=-1&t=NWU1YmMxYjI1MjcwNDAwNjNmZTcxNDk3ZDAyYTA3NDI=&adblck=false&abwl=false&px=229&py=2031&vpd=831&cw=770&settings=true&recs=true&version=2000361&sig=LSBM2taP&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 81e9136cb22ac21f52211b7fb365e10e0b143bc951f4f72d74bd890caa23c2a3

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.69
x-cache-hits: 0, 0
x-traceid: b39d2f4b9d7cd40d263ae0e89fbdf2e4
content-encoding: gzip
content-length: 14569
x-served-by: cache-mdw17369-MDW, cache-hhn4057-HHN
x-timer: S1622212456.766365,VS0,VE373
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C385 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144580
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
DATA 200
OK truncated
/ Frame C385 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c351a96df156d6c14055ec48530f47b1451dabf41b61e0d9f2c4fa9d1d17b84

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 eyJpdSI6IjhjYTJlNDY2NmU2YmI0MTkyNjEyOTNhODVhYmQ1YTkyMDMxMTM4NGI0YmMxMjM2MDI5OGZjNDdkZjZlZmUwNjciLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 34 KB
34 KB 148ms
71ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhjYTJlNDY2NmU2YmI0MTkyNjEyOTNhODVhYmQ1YTkyMDMxMTM4NGI0YmMxMjM2MDI5OGZjNDdkZjZlZmUwNjciLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcb1c847623b68652a1014e62fbc50613efbc916e410ead94a281d318881ca13

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
cache-control: max-age=1870608
last-modified: Wed, 17 Mar 2021 12:07:24 GMT
x-traceid: 8bb2b976d1b018a6afddebad40fd38f5
timing-allow-origin: *
content-length: 34948
content-type: image/webp

GET
H2 200 eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 51 KB
51 KB 120ms
43ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZlNjc3YWE3ZDRmYmJjZGEzNWFjYjQ0ZDE1MzE4ZDBiMGYzODNjYjY5MTI0ZTFmZWEyNTMxZWYyYTQwYzQ1NTciLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ed58c1d5b38e7abc01bc7a0f227b7e89ce671a7fea269ea64b7c20d08388aab9

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
cache-control: max-age=456661
last-modified: Tue, 13 Apr 2021 18:20:17 GMT
x-traceid: 90b50cd78f0a6f9c35b47f103715c535
timing-allow-origin: *
content-length: 52104
content-type: image/webp

GET
H2 200 eyJpdSI6IjcwYTE1MmZhODkyOTdiMTJlNjY0ZWU0MjczMzE4ZDhjZjAzNmQ2NWY2YjdlYmNiMzc3ZmVkMmJlNmIyNTdlZTQiLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 47 KB
48 KB 159ms
83ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjcwYTE1MmZhODkyOTdiMTJlNjY0ZWU0MjczMzE4ZDhjZjAzNmQ2NWY2YjdlYmNiMzc3ZmVkMmJlNmIyNTdlZTQiLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7b6df38dea3b1bba6c7be54440682feafb87748a5693cacb57aac5728f4e20f5

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
cache-control: max-age=2285428
last-modified: Tue, 04 May 2021 20:47:55 GMT
x-traceid: a175b07af615c1862f20fd195438e74e
timing-allow-origin: *
content-length: 48574
content-type: image/webp

GET
H2 200 eyJpdSI6ImFlNzk2MDc4M2FjNGZkMWVjY2FlZWU5ZDM2OWI2ZGUwM2U5YjlmNDY1NTMwOTI2OWEwZGJkNTRhNDYxZDA3MzEiLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 33 KB
33 KB 147ms
71ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFlNzk2MDc4M2FjNGZkMWVjY2FlZWU5ZDM2OWI2ZGUwM2U5YjlmNDY1NTMwOTI2OWEwZGJkNTRhNDYxZDA3MzEiLCJ3IjozMDAsImgiOjIzMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 304dae540941478098af7c1ebea2155450c2204c698808d9c52cb8f53618a865

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
cache-control: max-age=1070350
last-modified: Wed, 05 May 2021 18:07:00 GMT
x-traceid: 24cad22da86b38a3c41e8792f48a4b74
timing-allow-origin: *
content-length: 33716
content-type: image/webp

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame FF46 22 KB
8 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 144580
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 77 KB
21 KB 685ms
684ms Script
application/json 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.wtvm.com%2F2018%2F12%2F13%2Fauburn-woman-arrested-stealing-k-company-funds-automotive-supplier%2F&settings=true&recs=true&widgetJSId=AR_8&key=NANOWDGT01&version=2000361&apv=true&sig=LSBM2taP&format=html&rand=61315&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=1&scrW=1600&scrH=1200&t=NWU1YmMxYjI1MjcwNDAwNjNmZTcxNDk3ZDAyYTA3NDI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=11366-71974&layeredTestInfo=11366-71974-&pcer=p%3D2URIcA9knfWYziJjd5iikPiSRBh9yRTZcpYsmxNfwxA%26c%3D411a646%26v%3D3&dpr=1&cw=770&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000361/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d000a6576d54373e8d6a27605a29ad0c5a1bce1a996537981f3a01faebc1e17d

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, HHN, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.59
x-cache-hits: 0, 0
x-traceid: 5e30ef6969fb7c6bdd8aef24a3573d5b
content-encoding: gzip
content-length: 21074
x-served-by: cache-mdw17359-MDW, cache-hhn4057-HHN
x-timer: S1622212456.834209,VS0,VE657
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 jsf.css
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 7 KB
2 KB 9ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bf70128e63e7895ec1748705f3c4b29ed5b473ca5ba5f8ba38ca485e71a1095f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 12:08:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8719
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1539
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 12:08:56 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 92B6 110 KB
38 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 13:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2979
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 13:44:36 GMT

GET
H3-29 200 feedImport.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 11 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/feedImport.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc5d4cf6e18131d2611ce0231aac8ac54c6a196f6c9c44239e4b232811404d69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:32:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1345
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 14:32:29 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 92B6 60 KB
24 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 14:34:15 GMT

GET
H3-29 200 slides.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 9 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/slides.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a98be164cab735e3e1dda9dffb02bd7c7d7545cfd1ca1b628daab62ff1e357f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27167
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2606
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 07:01:28 GMT

GET
H3-29 200 swipeHandler.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 7 KB
2 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/swipeHandler.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7617fe0518d6e15ea64699e2c8802b113db6c7e7cebf8c828f16fa48c10bc31f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 09:36:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17880
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1949
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 09:36:15 GMT

GET
H3-29 200 swipe.svg
s0.2mdn.net/creatives/assets/4008410/ Frame 92B6 38 KB
28 KB 8ms
7ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4008410/swipe.svg

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:33:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28531
x-xss-protection: 0
last-modified: Tue, 19 Jan 2021 11:46:14 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 14:48:23 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 9CA1 1 KB
2 KB 22ms
21ms Script
application/javascript 13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:06:45 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 1650
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: DUS51-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: RpXPn6D1lkcBqlPCmk-zYJ3I5kegGrVn2ZoSBm2BA25n9yZwh-rYIQ==

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame FF46 14 KB
6 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 303739
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H2 204 b
sb.scorecardresearch.com/ Frame 9CA1 0
337 B 30ms
26ms Image
text/plain 13.226.159.88
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=2797&cs_ucfr=1&ns__t=1622212455871&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D2797%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DNL&c9=https%3A%2F%2Fwww.wtvm.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.159.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-159-88.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
via: 1.1 0ee6aea018b9489b266252370f1e002e.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 4Zq2SZo1BDTPCvg1I2gY1_VozJiWf6mW9rR4CRePgOGHuNKtSh6bhw==
x-cache: Miss from cloudfront

GET
H3-29 200 spinning-circles.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 3 KB
497 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/spinning-circles.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 07:34:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 25178
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 471
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 07:34:37 GMT

GET
H3-29 200 frame-728x90.svg
s0.2mdn.net/creatives/assets/4031071/ Frame 92B6 659 B
473 B 8ms
7ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4031071/frame-728x90.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1de052842cd3bd6352973d28124987d9065de8ebe436e9b33a34ec54eca75f7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:32:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 104
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 447
x-xss-protection: 0
last-modified: Tue, 09 Feb 2021 16:04:42 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 14:47:31 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame C385 0
23 B 94ms
62ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:15 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 92B6 5 KB
4 KB 30ms
15ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2c88f03093347581287f6744bb3a8cd2e198dd2b9e5750b59a050ca0ee376fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4086
x-xss-protection: 0

GET
H3-29 200 logo_icon.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 781 B
502 B 7ms
6ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/logo_icon.svg

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e0c3388dc0cd74ee5f6a9d11d96a489a7c653649400fee9f830d2cdc0bdb8d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:57:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 81411
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 476
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 15:57:24 GMT

GET
H3-29 200 logo_wehkamp_h.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/ Frame 92B6 2 KB
1 KB 13ms
11ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/logo_wehkamp_h.svg

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f42df2a56cd1f92639da12fc4b40b3ac6b87d80537c853af58d5a80a0955be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 08:48:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20758
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1028
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 14:18:05 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 08:48:17 GMT

GET
H3-29 200 1600x1600-cop-shoe-party-sport-wk40_1620464462100_1600x1600-cop-shoe-party-sport-wk40.jpeg
s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/i/wehkamp/ Frame 92B6 237 KB
237 KB 11ms
10ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/i/wehkamp/1600x1600-cop-shoe-party-sport-wk40_1620464462100_1600x1600-cop-shoe-party-sport-wk40.jpeg

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdd6706650d8f026d77892b593cef31f66715acebdabef395d3fdcd1dfe6239b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 05:01:47 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 May 2021 09:01:18 GMT
server: sffe
age: 293548
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243074
x-xss-protection: 0
expires: Wed, 25 May 2022 05:01:47 GMT

GET
H3-29 200 400-400-display-leeg-png_1620442864860_400-400-display-leeg-png.png
s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/raw/wehkamp/ Frame 92B6 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10779688/images.wehkamp.nl/raw/wehkamp/400-400-display-leeg-png_1620442864860_400-400-display-leeg-png.png

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372a48f55cbbf0d9a2d1722a19e66960beff605158a3d22e959628e40831ec44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/index.html?e=69&leftOffset=0&topOffset=0&c=5bt416dWWC&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 22 May 2021 05:02:01 GMT
x-content-type-options: nosniff
last-modified: Sat, 08 May 2021 03:01:08 GMT
server: sffe
age: 552734
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2063
x-xss-protection: 0
expires: Sun, 22 May 2022 05:02:01 GMT

GET
H3-29 200 Gibson-Regular.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 92B6 10 KB
10 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4018236/Gibson-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:20:36 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 14:42:40 GMT
server: sffe
age: 819
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10016
x-xss-protection: 0
expires: Fri, 28 May 2021 14:35:36 GMT

GET
H3-29 200 Gibson-Light.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 92B6 9 KB
9 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4018236/Gibson-Light.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8505830998b8fd36576fabb9edcad89de5a2d1fd091676d8683764290995867

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:20:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 14:42:44 GMT
server: sffe
age: 814
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9640
x-xss-protection: 0
expires: Fri, 28 May 2021 14:35:41 GMT

GET
H3-29 200 Gibson-SemiBold.woff2
s0.2mdn.net/creatives/assets/4018236/ Frame 92B6 10 KB
10 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4018236/Gibson-SemiBold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2b1d246693b8d76f17449020ead36b1488af1d16a198e8f0044a0ee0a5b290a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61694093/20210319071805454/wehkamp_awareness_728x90/jsf.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:20:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 12 Jan 2021 14:42:36 GMT
server: sffe
age: 814
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10044
x-xss-protection: 0
expires: Fri, 28 May 2021 14:35:41 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 92B6 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:15 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 075E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 303740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FF46 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjbgZZ_-wYJeyJ_CN7_UP4LawqAEAAAAAOAHgBAI&bg=!NjWlNXHNAAaMan2LjGo7ACkAdvg8WliKnd7tNJYRYX7DrNFb7Y5tPyJbMAhWAVZbPUGZfJd4vCQwXwIAAACJUgAAABNoAQcKAA0eGMD1SWPexlB2r5x5mQKRKlyNs8EoT1FxStFdDaSn47goO1ft-kOCjSsllnY6gacpqI4CvMvzDaM6CFNAuXg2-eMtNkx8QGl_E9jMwpXIJwwtlZ-pZ82JYg46X2HNpefeGlZAwws5p3xb-HAHJT7mqp745l8khZeCQWrhRilBWGUarpUXzKDL5kzElDM1kgFeibwgpRMoD93sxU-gfforCk6JzdsNI4UUzUzHxZ80JMVlVW_jPKI-TTy4WYvC9d2ffBB7Y1YpE-0duhJkn_QTO-lAGRiFTETdzbyn6PUeSHzlP1k53u-6nOrx2kjrwIBIYi-_5kAkiUD2CyaPKc3dSUPPoK18T0t5_dhXIBUY9dd7GfreK9TKrhtL-OL-tDouEN3RoREkYNP2-nUulUkH9CdgtJKSv934Zjhn1hDt_2JNZ6CTRMAbAd4WQ8bhSDhWqKoV4g_gpAhe3fz7xnOhcE54He0uYFkeda6cKkAyGwN9hYQC3VeewxuyM_VG6w06_kAKTVAHQCK703L4vMSuA6QQqbAgjjhqtdyHGci1cHLcTtSB_7Q3PngruiktCilihOcaur4PoO3zDGf3FArhgEDoiRKmrl_W7T88je96-Q1cYqC-gKvp8_j0xrEnkb4gPu3yUPtfYYqUKv5bZrM5jFr1jUhj85xRjJVUG533z6uENbkWy7WsrBnEisRhLeIfufv3QJpaverAdLsUpED3AkTEpt01_tO4atJirgkUCnHW5RdBMCqxGoKGg1eq4c-QqiDi7kWKcjQz1tg-ocupS6RsLvPQ-EmXRHoqTHf4xGhDnQTv69KmMDhUUkg4ZBW0C3WhMEqNSVy_tbS6m4TByTp1PTdxgVSEO8sMc38YqwgF31ZdGJkVBC8v8I89RHVT

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 209ms
128ms Fetch
text/plain 64.74.236.191
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=c8745e99486218a03d354ae9c069d977_2797_1622212456017&tm=1432&eT=0&widgetWidth=770&widgetHeight=343&widgetX=230&widgetY=2100&wRV=2000361&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
X-TraceId: 792f4bc281779a0cd188cfab3966566b
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H3-29 200 container.html Show response
c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8B66 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 28 May 2021 14:34:14 GMT
expires: Sat, 28 May 2022 14:34:14 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000361/module/ 23 KB
8 KB 35ms
35ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000361/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6a231b77de4f6ee3cecdf94a01808ad89e50dbc02f8b332ba68a9352c217f057

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
last-modified: Wed, 26 May 2021 12:53:20 GMT
server: AkamaiNetStorage
etag: "d69e9ccce9c9c15b8f79cf78733dc74c:1622034770.867807"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7405

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
291 B 127ms
126ms Fetch
text/plain 64.74.236.191
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=d4756a962cec377ab31e5eff74575f62_2797_1622212456138&tm=1790&eT=0&widgetWidth=770&widgetHeight=217&widgetX=230&widgetY=2051&wRV=2000361&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
X-TraceId: 280b81c6558e1f460a3e8cf3f8e6203
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 134ms
125ms Fetch
text/plain 64.74.236.191
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=02e191be9c927d005172a4e307a3d05f_2797_1622212456182&tm=1795&eT=0&widgetWidth=770&widgetHeight=329&widgetX=230&widgetY=2288&wRV=2000361&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
X-TraceId: 70a973f0e143511b1feded83ab43ead0
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 251ms
125ms Fetch
text/plain 64.74.236.191
INTERNAP-BLK5

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=6ecc7840538bc60e7a4709b8e9083f93_2797_1622212456414&tm=1796&eT=0&widgetWidth=770&widgetHeight=373&widgetX=230&widgetY=2637&wRV=2000361&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.74.236.191 , United States, ASN19024 (INTERNAP-BLK5, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
X-TraceId: fa54aab0963b59003bc27f870caff325
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjZmYzczMTBhNTI5NmEwYjgzNmUzYmY5YTQxNzVkOWFhMDg0YTM3YTc1ODkzMzQxMDJlMTFhYTVkMTFhZjZkNTIiLCJ3IjoxMDQsImgiOjQwLCJkIjoyLjAsImNzIjowLCJmIjoyfQ.png
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 35ms
35ms Image
image/png 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjZmYzczMTBhNTI5NmEwYjgzNmUzYmY5YTQxNzVkOWFhMDg0YTM3YTc1ODkzMzQxMDJlMTFhYTVkMTFhZjZkNTIiLCJ3IjoxMDQsImgiOjQwLCJkIjoyLjAsImNzIjowLCJmIjoyfQ.png
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 60e7fd647364f2ca14c4a7aa17f31c5801c4b5479aefb31ddd85d321f3d2eff5

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=1623620
last-modified: Thu, 18 Feb 2021 15:01:21 GMT
x-traceid: d34fa2ac44264f5e36ed9351a951c5c8
timing-allow-origin: *
content-length: 6039
content-type: image/png

GET
H2 200 eyJpdSI6IjVlOGMzMmQ3YzA3NTczMDYyNzhjMzNiYzhlZjQzY2U3YWI5MDNiMTc0NzA0MmRiNjcwNTQxZjliNmQ4ZWIzNjgiLCJ3Ijo0MDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 30 KB
30 KB 54ms
53ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVlOGMzMmQ3YzA3NTczMDYyNzhjMzNiYzhlZjQzY2U3YWI5MDNiMTc0NzA0MmRiNjcwNTQxZjliNmQ4ZWIzNjgiLCJ3Ijo0MDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b8a18bd2bfc6be8f0556c1f7ea24f82b3539b6143ef9750b6f25123d5ad49d6c

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=1791120
last-modified: Sun, 09 May 2021 22:01:13 GMT
x-traceid: bb9a199fc529cfeb240a1e0d895bde58
timing-allow-origin: *
content-length: 30512
content-type: image/webp

GET
H2 200 eyJpdSI6ImYzY2M3YWRhZjE5N2YwY2VjNWFhOTdmNmI2NzdkZjk3ZDkwMWY2MjZiZjIyODg1ZTllOTg5MjkxNmJjZjhiOWYiLCJ3Ijo0MDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 19 KB
19 KB 271ms
270ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImYzY2M3YWRhZjE5N2YwY2VjNWFhOTdmNmI2NzdkZjk3ZDkwMWY2MjZiZjIyODg1ZTllOTg5MjkxNmJjZjhiOWYiLCJ3Ijo0MDAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ced75f1bc716bded686ead0df9e3c776ddf53e8eafc9d14c9dc114187533fa46

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=2462400
last-modified: Mon, 10 May 2021 12:05:40 GMT
x-traceid: ac819bfef0ff9c2ad80b42b0625ca1f0
timing-allow-origin: *
content-length: 19722
content-type: image/webp

GET
H2 200 eyJpdSI6ImI3M2EzMjY3ZGI2ZmM1NDhhOGY5OTQ3ODI2ODRjY2M4NDBjYTdjYjNiODRjZGM2YWVlMDNkMmNiOTcyOGY5NDgiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 32 KB
32 KB 938ms
937ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI3M2EzMjY3ZGI2ZmM1NDhhOGY5OTQ3ODI2ODRjY2M4NDBjYTdjYjNiODRjZGM2YWVlMDNkMmNiOTcyOGY5NDgiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3549909fb4e215a19588709dc44df4a30cd3793e3055de3079d8e9453f19cc30

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:17 GMT
cache-control: max-age=2462374
last-modified: Fri, 28 May 2021 05:16:54 GMT
x-traceid: 5c80100ef03863ac80ccf55ed7a7ce70
timing-allow-origin: *
content-length: 32860
content-type: image/webp

GET
H2 200 eyJpdSI6ImNhYzJjNmFiY2VkZjMxYjcwODJmOWM2MzEzNzBjMDU2Yjk1OTk0YTIwM2NlMjlkZTRlMTIxMjVjY2YyMTVkYjkiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 70 KB
70 KB 58ms
57ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhYzJjNmFiY2VkZjMxYjcwODJmOWM2MzEzNzBjMDU2Yjk1OTk0YTIwM2NlMjlkZTRlMTIxMjVjY2YyMTVkYjkiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ebf8f0ef4d0e174238a2782c450d8b5f75b14882fc4f3becc481fa1d1b5683ac

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=569707
last-modified: Thu, 29 Apr 2021 19:20:12 GMT
x-traceid: 5398ca79e7a8fb3337445ba4004b942a
timing-allow-origin: *
content-length: 71458
content-type: image/webp

GET
H2 200 eyJpdSI6IjEyMmQ3OWM1ZDcyNmE5MjI3ZjcyOTg2MWUyMzE2MDUwNmI4NmE5YjBlMmFkNTI1MjZlNzE2ODEzMTNmNzY4NjMiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
36 KB 55ms
55ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEyMmQ3OWM1ZDcyNmE5MjI3ZjcyOTg2MWUyMzE2MDUwNmI4NmE5YjBlMmFkNTI1MjZlNzE2ODEzMTNmNzY4NjMiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b7da331bb0ab262e42463d99c097422a6ddf8657d52b65be7388c75325ccf0b3

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=1894794
last-modified: Wed, 12 May 2021 18:35:44 GMT
x-traceid: 4f09c9e24d49e706fc8ef7a986879f88
timing-allow-origin: *
content-length: 36298
content-type: image/webp

GET
H2 200 eyJpdSI6ImM0NDU1NWUyNDM2OWY4YzRmYTNjOWU3NzU3MTdmMWJiNGI4NDVkZTZhZWZkYzMzZTYzMzgxN2YzZjM1YWE2OTgiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 39 KB
39 KB 343ms
343ms Image
image/webp 104.108.145.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM0NDU1NWUyNDM2OWY4YzRmYTNjOWU3NzU3MTdmMWJiNGI4NDVkZTZhZWZkYzMzZTYzMzgxN2YzZjM1YWE2OTgiLCJ3IjozMDQsImgiOjIyMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.205 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: ba13eb14297334dae6e28a46ae0fe17da097566413af810fdd449963125dc3df

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=2462369
last-modified: Fri, 14 May 2021 11:09:36 GMT
x-traceid: aef8eb7678c24a691213aeab2ac8e5bc
timing-allow-origin: *
content-length: 39876
content-type: image/webp

GET
H3-29 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6C54 640 B
318 B 27ms
24ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkizIDX9A8n7pIGW8uuDU0oiVAkMaLv5QeCvLkY8w_aAv_Do5KM6M5isqbu; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 28 May 2021 14:34:16 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
set-cookie: test_cookie=; domain=.doubleclick.net; path=/; expires=Fri, 01-Aug-2008 22:45:55 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 28 May 2021 14:34:16 GMT

GET
H3-29 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8B66 59 KB
24 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuDatnIFb51K3BxJAYJtJeE19mXUHLGMe9KYa6KYWQLj9JKDv0mKvYBlAZ-eWSbn2b8T_2KOpW-93dZKlIp3Ve46d9x6rjEQSB3W55ZJprsCJjlHp7fl2zIqiOrPyvOHfV0nYMmyAFDREUqYkZ_7Ps7r2jOQ&dbm_d=AKAmf-DoP7na-tdfepu7EYuabfHksp7fcryLxUe2O3_HxPxmf_gRDlUZJIg8QfoH9E2PCjRKlK525CZrlTTqHXC6PLG4v0RLR1R250MK_uP1YBlvqeeLecrDVwSXtJTbfSuX2IOhyWeYYWdCmgxfY3rbcxYeADqpY7vFiTB71yZOHmSIYNpPchpp714Dz5K7TP_lbKdrrSfOZI6bO9Jx30yXkKEzS-hpooqaPKhoG70hpDLI86gNgnaRA6GgoTfnz-BAIL4Bhs622U4ZgnAgOqfpgigt00bT9MVedhAX360F6w0PCAqtJ1gcWaLVZTh9_I1V9NIK7fMWA01XNAIvCIxCjSOtdVXV3awNmW8cr1oGCe6_qBWSbmK0ET7wLsPcp6pWhAcOREXEQ6jB1xNCsMKXfnms3WLxd2T6LZpe_l_DjaPzFUzYV9zrXRDA_IyNw3mqXrU3igUqpIVDAYbqYFQi95YjPq1NBz5_FvuDRAOVDCypBUjztdwXkD3P5qGafneMj3wSDDhAbH4VSJupyRjN22DS0bcYMbc4BxczisBZ9uTftVcPhnpNmksr4c--FS3YDTMpvodQRuDUfTciz9s5yyHDWrYD4JIOuuauPfHwLMJQ8ZpWiLtfC0wa6sy9JRBrVWhziV1b_sl_MDeEiYn1aVQYeiBTpi1TJam2PSWUEIan_8UGUBkmKZqgRjG-9TpWWc1041aGaFXhXkqfz3OddQcLa4eTvJKPSM-rl03VPhFzefVGCq1Qcw-KMiYAUZTSaipBDPeK9h09CUwuaZQd9Yhj-CUVu8eciDkSdwaA8V4yz7Abnpb2mvM2mI8PaxMCTD08Cp7DiUt0veSc7IDnpRM4ALo8KcPxDH9xnYMfL-Br35VCFyk63o9g8tKQjWsQLp88lQk-Rfd4FQ_m9uYUXlYyJf07B4WvaJ_X81aqD--ktV6iB5_V3EKOneKpYbg-GaMBtfOQbf6lfwSspHk-CyWLRXB1iu7iqQo1XXTo7xApZt7jrfjvy-Kr9jsIz8_0i0h0OyRgiS5m3Z-2BRaCpUXNEtQQ0Ww2P7bg_7m3iP5WVFdPQuI2cvcnrYJcT6CyPR20w9jbq5pjWGsuvfc4ahzyfWKkvcuitjc2WbVnx7dk5EChqy5bc_nbczRwBywNuPxdciJ3myvLEW5D_wgokMXeiDzSDK94W_APHsPoF6rumbUlrbV1FlngeeCG1nY6xR0QBAl3jAMI6jgKzfomJBJibLVy7ti2G5YB71Dv5rcg3wk2gsAEsYXqn1hSRMBkkHLAVL1MxgaiK3n3a-IVjqpgR91jsP_uJcRSCSI2oCCCasuirw76PwRsm84W2KuNCv9J7chjdrB4k6qJ4frUOaDuTvnEdNh5S4alKykqHXITWV9b2_SvppDdbTCeH5P9mh7hG7aWcKrM-FYm1rI8dYyCZyJoOgN_M355njqNfggiqoJptMeuKB1EmTOlifyVtRKezA7pecaUcUJVsRK7U2LA8oHql5_CDhmuOUSFwvMJlYtYNMHodqNFpER7G5KKPTLthIQYktqCZhCJYo2elepL8ZZagUr82A2mvCmBaJoCiFC1K7M68mK08Qt1qbkD9Lo6BVLTWZ6S1d0urBu2AygqtenJNacyoFSfjs8VIbq2NtPSI7WkGplQxwmjZ5fi9-58y07yhOwMLCKqXy-Dy2qgm9-bi2-YQf-pr7AKK4rBhWhh__5IFiopNhDwmayYHPSb6vrmLcyVmZyjhpVI-xrUCO0I9rvJnIjr3Ac0P0U7pWHKDkWWo0w8QAijoL1QDyZLF-tujOKBMzdmGET741_GYSPyndtBwFEmpLSSTFOi_MoSPQST7bUc3QuZdEhFBbkYvx119Gs3F26SYEx-u4xfGKvkyRyL0UxOPaJ_4wppe6SX0fhuDVxXkrMrcFHs0-Dw4hYCmozvQ26Wgl9FQpLADzzLPO8KSfm8wO5dpA62tv7C7EKL8ooZfZo0GcS_UGQLjBMw7TtRJ6W6nLpygdTbaQCXdmgA-3tSSQVQhDBtngK4Ovy_lEkiNixfDl0YILbDEoLTyd2cfKvgZBOdrRqHr-Tvv9dWSNGkfH0SpGsfuHF9Tt9_RxB2dMDJqGNlsxL3wb-2hSLz5PVECoXxbdAQmskoodzXuJw5GhDpz4i1sQCs6E6zeogjcm4GZi1n6mWCTfbFFFuytwWiGdj4bbUyqOhU-iDX-dKbSQlqCrCbRpu4OsVPM7yTtJ4aZ5qKxRkTTLg3VDHSLKx-f_l2x5PF645q3VETFD2xSRjM_IEs1LUSaFCicirHRUviUqNWvvTTklBL9NP0OcfuDte7DMBPFnYmY40nxqsshItaqoM2dp0LcLUlWDaGsRTzr595hC-FKeca9SLkQE9iqnc_q5DJ4M77oauZHOVoICGtuNCwWvlnEqoKdRDxA3r5-asUdszbKOONs6fNTGgwhUpSOu5yCixZnEmgrFu9svdC6dMLHSWxU9q_3tDh38zd1yqcNnCv9YwiqGXIGrAcSz0KczONw794_-K0hxATJvXKXb-xPU-uliZhSB0xjWXi4OvjFpe5CjPwvp0XS5Qb7d_sFYMUkG6MtmyZACNlwNQRYMY_mgOK9pzhauWOLq5L8xlZz0WO90xBoocj2Q9WCCnh2JsBrYN3ji0F9HC_xtuZ2hB7LfQsM-haBuROAQAvtb5MXsyKJ9UEveyRkV-_CguX90WJSpIxsAT5z8mdIq2MeZNATGqG2FvUXYHkBWUgLkCHZz1Kn5aQ6dFRvz9CJ_LmObHGe9NhJMsgRwiaN7Wlb7y9HKM4AudCaNDcTy7De4UX2s2m2Xh_u82Jk9bfgQHfygwuwaXxL8smW_pET0a9xtz5ovjlOHtBuqiegzGH61P3ujDIeUSjlQnneUl66szKLc4oREj1WltSIJzgL1eYuTMCkpW1J7CWZvN7gGkjJxS0dFJ0F5cQ_kbalpgmoLG4yICXtg7l2RACmLD0yYV-wwcWbC06PR_yVa5ySDnpBpmSh6tb4IEvyHDJZHSnH0dgunUblL_Lk5RAnvBueI1hUt463skPOdSzFaHkKA9J3OR1hOHK7uPxz_sBVG6qw7O7Qb42WYO-X6LqeMotfeq-fOhFnSvKJKkyvl0wBnDNzPgeWXZS0CCfypgL2iAmRpTv6JKHrN5kKH216tJOn58y5QaBbx5XWvuvhfz-a4hQb8IbRsGvUf7j&cid=CAASFeRoQOIcKrcuq_9sP1dKpOUxS5cjnA&rfl=1%2Chttps%253A%252F%252Fwww.wtvm.com%252F%240

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3880e893ca312795ce92d215f94d19786485c81eb515adfd1abd7d03e49be91c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8B66 42 B
63 B 39ms
38ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C1S4rODx4in0ErP_d2y1aFln9tK7fWX7Y4Dy0NHGJxHeGOjN04JGkPa1ok7gj-mb6N_0uGX2V_HAJrSpnCO0piXxBg4tfQBMr2woq_nguDTmOCNYQ

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 8B66 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/window_focus_fy2019.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:28:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 374
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:28:02 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8B66 121 KB
37 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622028738751036"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37763
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:16 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/ Frame 8B66 13 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210524/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5635
x-xss-protection: 0
server: cafe
etag: 1319581658596578636
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:34:11 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 8B66 0
0 16ms
14ms Image
text/html 2a00:1450:4001:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_6SR2ypYaidb-0eNb-QbWzZLCfBK8gCU-BwwAx1LZ-wXSiUYPTrX-eudjM_dYtaZG7LA0kzn83ouBXzs1mZ22ypY-2w
Requested by: Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:809::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6C54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1

43 B
172 B

27ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.207.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
via: 1.1 google
server: OXGW/16.207.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEOL2HcStUwVswgqsj5OVHJU&google_cver=1
date: Fri, 28 May 2021 14:34:16 GMT
via: 1.1 google
server: OXGW/16.207.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6C54
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjhmYmIyM2UtNGZkYy0yOWNkLWY2YTYtMGU5MjgwMmQxMzdh

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjhmYmIyM2UtNGZkYy0yOWNkLWY2YTYtMGU5MjgwMmQxMzdh

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
server: OXGW/16.207.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NjhmYmIyM2UtNGZkYy0yOWNkLWY2YTYtMGU5MjgwMmQxMzdh
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 6C54
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEMq_i4rBQW19kcTQm9l4AuY&google_cver=1

23 B
172 B

65ms
58ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEMq_i4rBQW19kcTQm9l4AuY&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPOW9wIQ7ubZ-gEY0aOzqwEwAQ&v=APEucNWSuRIiBynJ01XCGxx4hh74akmqEb-aQblxV4oMnYZ6Ual4tAOuPMfWFNEwy8x8YiLFhWi36wSib9f1ndzxtIGQsfGIpKIgasEXUsK9WFWqg8ADszY9QMR0-Txt25TPiEIBSPly0rs6f5Qz08ozHtlpmZKJ3mIke3-wyBwTBG7FUGC_wBo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.3 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 28 May 2021 14:34:16 GMT
server: akka-http/10.2.3
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEMq_i4rBQW19kcTQm9l4AuY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 6C54
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlMjE1ZDQ2OTZiYmM4NjJhNzM1MjQyNmYwNjE0MWFhNjhlZjgzNg==

170 B
188 B

35ms
34ms

Image
image/png

142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlMjE1ZDQ2OTZiYmM4NjJhNzM1MjQyNmYwNjE0MWFhNjhlZjgzNg==

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
server: akka-http/10.2.3
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MjdlMjE1ZDQ2OTZiYmM4NjJhNzM1MjQyNmYwNjE0MWFhNjhlZjgzNg==
cache-control: max-age=0, no-cache, no-store
content-length: 197
expires: Fri, 28 May 2021 14:34:16 GMT

GET
H3-29 200 html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame 8B66 176 KB
61 KB 21ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 27 May 2021 15:46:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82091
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 62241
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:47 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 15:46:05 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/ Frame 8B66 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BuDatnIFb51K3BxJAYJtJeE19mXUHLGMe9KYa6KYWQLj9JKDv0mKvYBlAZ-eWSbn2b8T_2KOpW-93dZKlIp3Ve46d9x6rjEQSB3W55ZJprsCJjlHp7fl2zIqiOrPyvOHfV0nYMmyAFDREUqYkZ_7Ps7r2jOQ&dbm_d=AKAmf-DoP7na-tdfepu7EYuabfHksp7fcryLxUe2O3_HxPxmf_gRDlUZJIg8QfoH9E2PCjRKlK525CZrlTTqHXC6PLG4v0RLR1R250MK_uP1YBlvqeeLecrDVwSXtJTbfSuX2IOhyWeYYWdCmgxfY3rbcxYeADqpY7vFiTB71yZOHmSIYNpPchpp714Dz5K7TP_lbKdrrSfOZI6bO9Jx30yXkKEzS-hpooqaPKhoG70hpDLI86gNgnaRA6GgoTfnz-BAIL4Bhs622U4ZgnAgOqfpgigt00bT9MVedhAX360F6w0PCAqtJ1gcWaLVZTh9_I1V9NIK7fMWA01XNAIvCIxCjSOtdVXV3awNmW8cr1oGCe6_qBWSbmK0ET7wLsPcp6pWhAcOREXEQ6jB1xNCsMKXfnms3WLxd2T6LZpe_l_DjaPzFUzYV9zrXRDA_IyNw3mqXrU3igUqpIVDAYbqYFQi95YjPq1NBz5_FvuDRAOVDCypBUjztdwXkD3P5qGafneMj3wSDDhAbH4VSJupyRjN22DS0bcYMbc4BxczisBZ9uTftVcPhnpNmksr4c--FS3YDTMpvodQRuDUfTciz9s5yyHDWrYD4JIOuuauPfHwLMJQ8ZpWiLtfC0wa6sy9JRBrVWhziV1b_sl_MDeEiYn1aVQYeiBTpi1TJam2PSWUEIan_8UGUBkmKZqgRjG-9TpWWc1041aGaFXhXkqfz3OddQcLa4eTvJKPSM-rl03VPhFzefVGCq1Qcw-KMiYAUZTSaipBDPeK9h09CUwuaZQd9Yhj-CUVu8eciDkSdwaA8V4yz7Abnpb2mvM2mI8PaxMCTD08Cp7DiUt0veSc7IDnpRM4ALo8KcPxDH9xnYMfL-Br35VCFyk63o9g8tKQjWsQLp88lQk-Rfd4FQ_m9uYUXlYyJf07B4WvaJ_X81aqD--ktV6iB5_V3EKOneKpYbg-GaMBtfOQbf6lfwSspHk-CyWLRXB1iu7iqQo1XXTo7xApZt7jrfjvy-Kr9jsIz8_0i0h0OyRgiS5m3Z-2BRaCpUXNEtQQ0Ww2P7bg_7m3iP5WVFdPQuI2cvcnrYJcT6CyPR20w9jbq5pjWGsuvfc4ahzyfWKkvcuitjc2WbVnx7dk5EChqy5bc_nbczRwBywNuPxdciJ3myvLEW5D_wgokMXeiDzSDK94W_APHsPoF6rumbUlrbV1FlngeeCG1nY6xR0QBAl3jAMI6jgKzfomJBJibLVy7ti2G5YB71Dv5rcg3wk2gsAEsYXqn1hSRMBkkHLAVL1MxgaiK3n3a-IVjqpgR91jsP_uJcRSCSI2oCCCasuirw76PwRsm84W2KuNCv9J7chjdrB4k6qJ4frUOaDuTvnEdNh5S4alKykqHXITWV9b2_SvppDdbTCeH5P9mh7hG7aWcKrM-FYm1rI8dYyCZyJoOgN_M355njqNfggiqoJptMeuKB1EmTOlifyVtRKezA7pecaUcUJVsRK7U2LA8oHql5_CDhmuOUSFwvMJlYtYNMHodqNFpER7G5KKPTLthIQYktqCZhCJYo2elepL8ZZagUr82A2mvCmBaJoCiFC1K7M68mK08Qt1qbkD9Lo6BVLTWZ6S1d0urBu2AygqtenJNacyoFSfjs8VIbq2NtPSI7WkGplQxwmjZ5fi9-58y07yhOwMLCKqXy-Dy2qgm9-bi2-YQf-pr7AKK4rBhWhh__5IFiopNhDwmayYHPSb6vrmLcyVmZyjhpVI-xrUCO0I9rvJnIjr3Ac0P0U7pWHKDkWWo0w8QAijoL1QDyZLF-tujOKBMzdmGET741_GYSPyndtBwFEmpLSSTFOi_MoSPQST7bUc3QuZdEhFBbkYvx119Gs3F26SYEx-u4xfGKvkyRyL0UxOPaJ_4wppe6SX0fhuDVxXkrMrcFHs0-Dw4hYCmozvQ26Wgl9FQpLADzzLPO8KSfm8wO5dpA62tv7C7EKL8ooZfZo0GcS_UGQLjBMw7TtRJ6W6nLpygdTbaQCXdmgA-3tSSQVQhDBtngK4Ovy_lEkiNixfDl0YILbDEoLTyd2cfKvgZBOdrRqHr-Tvv9dWSNGkfH0SpGsfuHF9Tt9_RxB2dMDJqGNlsxL3wb-2hSLz5PVECoXxbdAQmskoodzXuJw5GhDpz4i1sQCs6E6zeogjcm4GZi1n6mWCTfbFFFuytwWiGdj4bbUyqOhU-iDX-dKbSQlqCrCbRpu4OsVPM7yTtJ4aZ5qKxRkTTLg3VDHSLKx-f_l2x5PF645q3VETFD2xSRjM_IEs1LUSaFCicirHRUviUqNWvvTTklBL9NP0OcfuDte7DMBPFnYmY40nxqsshItaqoM2dp0LcLUlWDaGsRTzr595hC-FKeca9SLkQE9iqnc_q5DJ4M77oauZHOVoICGtuNCwWvlnEqoKdRDxA3r5-asUdszbKOONs6fNTGgwhUpSOu5yCixZnEmgrFu9svdC6dMLHSWxU9q_3tDh38zd1yqcNnCv9YwiqGXIGrAcSz0KczONw794_-K0hxATJvXKXb-xPU-uliZhSB0xjWXi4OvjFpe5CjPwvp0XS5Qb7d_sFYMUkG6MtmyZACNlwNQRYMY_mgOK9pzhauWOLq5L8xlZz0WO90xBoocj2Q9WCCnh2JsBrYN3ji0F9HC_xtuZ2hB7LfQsM-haBuROAQAvtb5MXsyKJ9UEveyRkV-_CguX90WJSpIxsAT5z8mdIq2MeZNATGqG2FvUXYHkBWUgLkCHZz1Kn5aQ6dFRvz9CJ_LmObHGe9NhJMsgRwiaN7Wlb7y9HKM4AudCaNDcTy7De4UX2s2m2Xh_u82Jk9bfgQHfygwuwaXxL8smW_pET0a9xtz5ovjlOHtBuqiegzGH61P3ujDIeUSjlQnneUl66szKLc4oREj1WltSIJzgL1eYuTMCkpW1J7CWZvN7gGkjJxS0dFJ0F5cQ_kbalpgmoLG4yICXtg7l2RACmLD0yYV-wwcWbC06PR_yVa5ySDnpBpmSh6tb4IEvyHDJZHSnH0dgunUblL_Lk5RAnvBueI1hUt463skPOdSzFaHkKA9J3OR1hOHK7uPxz_sBVG6qw7O7Qb42WYO-X6LqeMotfeq-fOhFnSvKJKkyvl0wBnDNzPgeWXZS0CCfypgL2iAmRpTv6JKHrN5kKH216tJOn58y5QaBbx5XWvuvhfz-a4hQb8IbRsGvUf7j&cid=CAASFeRoQOIcKrcuq_9sP1dKpOUxS5cjnA&rfl=1%2Chttps%253A%252F%252Fwww.wtvm.com%252F%240

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:33:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:33:36 GMT

GET
H3-29 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/ Frame 8B66 22 KB
8 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210524/r20110914/abg_lite.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8609
x-xss-protection: 0
server: cafe
etag: 7365582700020686358
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 11 Jun 2021 14:33:59 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8B66 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 22:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144581
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 22:24:35 GMT

GET
DATA 200
OK truncated
/ Frame 8B66 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6b156ba98e8dfa1ae9b91e4c26502bfb73f079ee0f8a6fa3afa83d4f8d0a8ae

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AA79 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 26 May 2021 22:24:35 GMT
expires: Thu, 26 May 2022 22:24:35 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 144581
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 7 KB
2 KB 15ms
14ms Document
text/html 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_271.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3068fbe2b33ba54f8321038abe574366dd8567092c5184aa23cc1c777ce5be69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2221
date: Fri, 28 May 2021 14:34:16 GMT
expires: Sat, 28 May 2022 14:34:16 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 26 May 2021 10:06:55 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8B66 0
24 B 69ms
69ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuZzSdWsJYHjSK1qWcBNhVY77tCFt3D8nXlGgPisMiQ9rwWkNQIRKUJHZMH-2Zf_0yTTOsKYjSMpJhM51T9Z-uJnAlFOibQlKI4uAFbg3HCfuTHVqmq19vE0GEZjgIWUHpd1BOSqA0hjvM9MCKKzedHu86ETPcPTmM6OTfgs_l4yACQjItHPZX-ozaO7EOLl0gyK18sRrQZufWxbY9pEqaXN4rPvW1ie8tDMLbcv327k6NEebtq3hvJt9N083V7kK0bs7dA-SY18ZWK6TORHRyx6sVrQmPSx4_6yYq09-3IOb0i6W9RsD0gltDcoVZsfSPesbbcjHCth009nr9m_hdyQxjI_GpkLwd118xwUDJnSQAVRZGVNCGVjui_0UqXWSQSA5B_0mUgsmcnnXJ7mNJPeo856F2b4foeKw5bDYnNO97ImrF_miHqAAb39dcZUbZZKL6esRCwaMWGR3dZCaygxhAlRFUUZPQQX0kUZmDiDV_nMllmiVyRHCyxgErPIbtn52tmjyZ0UxfCsBkcR-g1V3XzC2R6BCemM9f-x8wdLb89j-CkjYHiXsSB07yd8gMweCueDV-Qjlqe9Qyd-t0B4Csdgy0BLyIe8O6jSIO4fbxVnetR3Cbpe3kgKK_uAUt35kdlEsA8PCDmW9h5bKeHOc5cYUwqBcrdCIGqKIj_wrgLfXceuowKymBlZQXzfbMj092XufP05NVVl2Qav2obY3mDdXkWKMhPsDBx_WY6OaGyNsYXaBRu-a-xf8oRi14yFJgpyMowDs1RbpesKZ1ieqHhC-lbIRzlGVIpq7HSoUTkMm67SCirmQu4pfgjCelMEYvT-JjypyzEuHsJtHrKdjLFag14ZF7dgRkfWdPPk6MYvQHuK6hgf-vB5nlFntlMvt65miIg8E_eKqEAQcXfpv0Zzo9oPMK3MwTX93riA_yRZFpGY7_HP5cfeKvRro1unYQ_DMaxTo6T0loFj249pDYNwu2OMkQ-dWpHftUXUsPG3yvEqY03JNvg2ahfULOssFJ7baOtdO2wP_930jH8hgnl-CZK6avddVs4BoLaGq9MGvlBMCeOn9WM6ynMbYB4ceteCRCt-K31lQDrWMMtMVQbD3Nb5SUJ2dbhj-_52ZDjogIpWBSF658Fq51z86633Jj0LUXDxJHCmux_obTY&sai=AMfl-YR2UjPqaX0OtfugEBT98gpQdprl1VWt9srrg4lk636EiSCZsayuKbp33-QLKAolfe3Jk4RGLSYcEyy59Ngs4g09bUO2TPw4C-djr0RcrVc6HdWi9UKdV3NBHZcmcTMlhLH5Y8b17QCg6B5yWJR7ajhMN6yb0bs92ovLKqY&sig=Cg0ArKJSzLMgoMQQkei0EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=58&cbvp=1&cstd=54&cisv=r20210524.23745&adurl=

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Fri, 28 May 2021 14:34:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame AA79 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 303740
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H3-29 200 hp_styles.css
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 2 KB
701 B 8ms
8ms Stylesheet
text/css 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01edb070cc5490fa639dbee73675a4cbcbb9abadd6a9c2683a301d05e0cf2b04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 669
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:54 GMT

GET
H3-29 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 0AD0 113 KB
39 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 28 May 2021 14:34:16 GMT

GET
H3-29 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 0AD0 110 KB
38 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 13:44:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2980
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 13:44:36 GMT

GET
H3-29 200 poster.jpg
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 15 KB
15 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/poster.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a63e904f545bc5e89edf9b917388d13006f9db8898d496b133ca8dc9513321a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:54 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15461
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:54 GMT

GET
H3-29 200 hp_main.js Show response
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 4 KB
912 B 7ms
6ms Script
application/x-javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/hp_main.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c294dfe27e3d514f3b0e0d8a34a5fb590ce2b0b0821079a7a73196942a4c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 880
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:54 GMT

GET
H3-29 404 300x600_MDIV.mp4
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 43 B
67 B 321ms
320ms Media
image/gif 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/300x600_MDIV.mp4

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Fri, 28 May 2021 14:34:17 GMT
x-content-type-options: nosniff
server: sffe
x-dns-prefetch-control: off
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=0
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:17 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0AD0 5 KB
4 KB 16ms
16ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df74ff67a7be27ee0973784e9c51beaca74e5936c4f87560bac84adf168492e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4129
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA79 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKx4NaP-wYLKYItnE7_UPg46i-AwAAAAAOAHgBAI&bg=!l5SllNDNAAaMan2LjGo7ACkAdvg8Wrf-VeOd2EmBNEMHMcIQO1qu3IQn997ddtXyT1BclnxUC8m8EwIAAABVUgAAAAtoAQeZApC7yKPRZOX_i-AGDmmP3fnuOt1Ju8X6eGpQ2WZ6t_8oMfqbKSuXt_UZl331rJ-ObwgsW4__T0he-PaB-maWlmo7lw88CeHkhQhad8b16macFhsCvP78JdIPwyGAb4f4qazTtP6bH6V7Hep7zxZc1OXHjEF0BkJSMbsP4aP6wHjrivrTQpSfAF8PArnL1NNnnlORa5gXoI4afCPzCq_dNEIL8C0whcXJOsPmVghn9t8-IixuX7AOT5SsQBPs_RCXe4KaBFteztaYAAyMV0I7aqANsih_qe3o_Ukq0_xH_Ax7xwDsBw2l1mvE-8FREJVC-iIKdd4UJ94en5zswErKq17AtrDn2UNHR8pTZYdNLV3eITe2v1_5pWcUiZfVh6UVlilyeH5g8MHUHmHZg2h8SjykFeSmOlJAk0T5ML7MJpSYoRCZm63O5ihGqP99mLlKQyMwUbLWgJYpIrcRgbrulJZn0LN99IhuFyDVUGnqKMKiyFYNLgRGYYeZiC_YMaZA4fK500NfNYOedYiQxtOl95v3afVpTzUCtXL0iQfJCTEIV0BuQCec7HMs7myBFeVbBR6AyLESBHc9tWau0CB4UjpUqi0oSUaTUme1nr1azyWP1ZSZX5UVLYB5ZSUwQFyeO55-pJJqkPqSPgqYW6oUqlg1bhGOrlS93r3iNOnn5taJq9ta8-7Kjtamph-kizHRrHRZuI0FGtkoSdQF0xueBb6Lm0GRID1nY0zK3xfmZYoHutuNHMKZfRKyPNH-zo1QxkZEMwiO7w3qj86yh4BsEFi4A1x5uoITMB4EfYYAfYZSL1v281CkWWp2wuvjCq20THeZ82PIsA-QbBnAaFt-P6-XUkk8GuEk2qAVppvNFMF1ow

Requested by

Host: c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
URL: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C385 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuPqHmtG1C79gRrn9IpiImlNp0dzBUaDj7TOn7Y9LhbTAeBtCs5aSxVWngcLfj1kNfJO8vJLp9LhHcCWccQDOuaRkRDARmCQEc7yXuY51RmdTGWsdQcOPBzv-2gAg&sai=AMfl-YSywgy16iPGRfonmTxa8tQ9Wv5jAfndg7JTsc61jyAcLS6bEobH4H0aZzniEPeWLG3QjKsDb2kAPmEF6wt2IL073JKPnAJeYoa9bPI05lQGnfTkcvKGAmBesctsSGuz&sig=Cg0ArKJSzGki0-l0fz-JEAE&cid=CAASPeRo-KHFs8JgeIe9bz9-E8mHVUbW-DuVpcpMlL0AvZWxCyDmxV_kqcCTni6ozpJOEQcKNHnnId005CvSZsU&id=lidar2&mcvt=1001&p=99,436,189,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3241713328&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622212455603&dlt=25&rpt=204&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:16 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 prod_studio_01_245_videomodule.js Show response
s0.2mdn.net/879366/ Frame 0AD0 13 KB
5 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/prod_studio_01_245_videomodule.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

236888a9bde0a1cabbd288498b6ba4fb3f4ec7119d2d06666a5a48a82f51f042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/index.html?e=69&leftOffset=0&topOffset=0&c=iYSXczDSu7&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 13:44:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2975
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4849
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 29 May 2021 13:44:42 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0AD0 17 KB
6 KB 17ms
15ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:17 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8B66 0
23 B 63ms
63ms Ping
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.wtvm.com
URL: https://www.wtvm.com/2018/12/13/auburn-woman-arrested-stealing-k-company-funds-automotive-supplier/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Img01_1.jpg
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 33 KB
33 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/Img01_1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4ff32c8a13b52f21e59e88371a8929b9a1d4de0ef003c0ed1b971aa498e5fcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:55 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33647
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:55 GMT

GET
H3-29 200 Img01_2.jpg
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 38 KB
38 KB 12ms
10ms Image
image/jpeg 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/Img01_2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffb9691533694a6ae00f6f315e12a59da40a61d54cb7456d64712319b563f570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:55 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39185
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:55 GMT

GET
H3-29 200 txt02.png
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 5 KB
5 KB 9ms
7ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/txt02.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25754328d52490deddd886cca5c618a7d5a2c7a92041fe904b62bbbdf1affb4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:55 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4893
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:55 GMT

GET
H3-29 200 cta.png
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 2 KB
2 KB 12ms
10ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d3a8abd60216a8452a422331bc927f57d3ad87e03ed7564a3185ef7c40689d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:55 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1698
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:55 GMT

GET
H3-29 200 badge.png
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 6 KB
6 KB 11ms
10ms Image
image/png 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/badge.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c550de5f44cb7f71f3ac55fbfe8d31836742c4d70c20d738fb0781c6fb32b1d0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:55 GMT
x-content-type-options: nosniff
age: 179482
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6312
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:55 GMT

GET
H3-29 200 logo.svg
s0.2mdn.net/sadbundle/8752398063120785957/ Frame 0AD0 3 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8752398063120785957/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec8b1002e700074d62dd69751c896d1862576ebd06bc5c93529abf8f625a5e83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/8752398063120785957/hp_styles.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 26 May 2021 12:42:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 179481
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1395
x-xss-protection: 0
last-modified: Wed, 26 May 2021 10:06:55 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 26 May 2022 12:42:56 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 24ms
24ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021052401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98c31433f8e5885cb8ca422d8602dcba92e60dc8401419f0cc897aa513ecc42a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 28 May 2021 14:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7747
x-xss-protection: 0

POST
H2 200 v2qbdanP_KfuyUs9_yarm6f3iH9klg4hLy5mGwHv_j3WpNVc7uQXTlmU0IUaGHGqJK0xZIoWiYw Show response
reconditerespect.com/ 216 B
611 B 74ms
25ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2qbdanP_KfuyUs9_yarm6f3iH9klg4hLy5mGwHv_j3WpNVc7uQXTlmU0IUaGHGqJK0xZIoWiYw

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

73f7170634ab700acc59f931975d255970e00256b62e83f8ec10fd5deeb3b352

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Fri, 28 May 2021 14:34:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wtvm.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: f8becdc5
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Fri, 28 May 2021 14:34:16 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 28 May 2021 14:34:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 28 May 2021 14:34:17 GMT

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 5BB9 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 303741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

GET
H/1.1

206
Partial Content

file.webm
r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0AD0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signat...
https://r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag...

96 KB
0

48ms
7ms

Media
video/webm

2a00:1450:4001:c::4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8082AC549A0D5002EA2702E1F6056A388BB29B12.42A1DDCDAF7F00343F024163467996AB6160BABC/key/cms1/cms_redirect/yes/mh/Pb/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nzy/ms/onc/mt/1622211885/mv/m/mvi/4/pl/44/file/file.webm

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:c::4 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 28 May 2021 14:34:17 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 26 May 2021 10:07:08 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/webm
Content-Range: bytes 0-390265/390266
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 390266
Expires: Fri, 28 May 2021 14:34:17 GMT

Redirect headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:17 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/8082AC549A0D5002EA2702E1F6056A388BB29B12.42A1DDCDAF7F00343F024163467996AB6160BABC/key/cms1/cms_redirect/yes/mh/Pb/mip/2a01:4f8:121:131a::2/mm/42/mn/sn-4g5e6nzy/ms/onc/mt/1622211885/mv/m/mvi/4/pl/44/file/file.webm
cache-control: no-cache, must-revalidate
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 650
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 04B6 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 28 May 2021 14:21:57 GMT
expires: Sat, 28 May 2022 14:21:57 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 740
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8819 783 B
531 B 24ms
23ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ae3f63412ff9d0d7eff3492714d8ac1c8cd6f3244f51d47336912c1f29dc427

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DEJ42htCzV/NKbFh2XAcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.wtvm.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.wtvm.com/

Response headers

expires: Fri, 28 May 2021 14:34:17 GMT
date: Fri, 28 May 2021 14:34:17 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DEJ42htCzV/NKbFh2XAcTA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js Show response
pagead2.googlesyndication.com/bg/ Frame 04B6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/HZvw8QdJrJJXuJ48IXlV8VF-H8RHnxePCtakS6ABBeA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 25 May 2021 02:11:56 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 17 May 2021 11:28:00 GMT
server: sffe
age: 303741
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5755
x-xss-protection: 0
expires: Wed, 25 May 2022 02:11:56 GMT

POST
H2 200 v2ymgmc1-p_QAy5kJRo6SXNczVQqFvIFsERGEonfaFgMj6nRCQazP1QF8bf6JlPy6g7Ptv3_2Xg Show response
reconditerespect.com/ 3 B
36 B 41ms
40ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ymgmc1-p_QAy5kJRo6SXNczVQqFvIFsERGEonfaFgMj6nRCQazP1QF8bf6JlPy6g7Ptv3_2Xg

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2kiafF2yYUGLlv9oKSDvXv3DBozRDhMe6kms5a6FiO4xLT-c_j_jvWFR_A

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Fri, 28 May 2021 14:34:17 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.wtvm.com
access-control-allow-credentials: true
x-hostname: f8becdc5
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 41ms
40ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021052401&jk=1105435277463720&bg=!np2lndnNAAaMan2LjGo7ACkAdvg8WqRrRsxh9kYRHjsAbVxO4CCBQj_lTk5k5hs_l6fa4_bfXEaVtAIAAABdUgAAAAxoAQcKAI2qwC0SoLy93Rtcsc34RWVWJfLJa4DPQXwkkQdhe9zh0IuGdml6aAJlkuRjw_pfWrJMcgL-X7VkR87R97gL3tmraLx804yRni_xBhpZbwWGSmkXLlM-4WifB5nLvGHlCGEonjOxcrAwVNzUgThYFEGB0PoQrz_BYRfiKo06VIAhFG3G3-B6xs12n-gTIVyZAk-bobKjCDDEW28SulHoPRdC5dKtVeWtU4nIZ-IbfaOKEIGSjIkz5TM7JM6FAaR1uZO-6lLLPcTXzZRz_-Ai-Uh3IeO4Afos04ie8lpoZ7fYEiajGRz6J8OiJ0Ty0RXgS4jZwy7dPX_VXWr6JYErX2uGqJgNO85u7GSmnA_s68E6KZ0z7WkbpmLDSlRP_taPH8YYzVp-I0cpWYrruAX6EfE-Gq9BAhRfJ_Mc6F83h5hJtuPXS8c2DhemUglfS6Dtj91st88dWJhx93NyOf-w7tVOvsVZ0qoDUZiSuYH925CMSIaGggrfUp5PtUuryuiivpiyxVzftvVJIj0wX4yyiAPn1fqmRZv1-0fhT1zS6RiNvKw4nzJAj3wEW0iqtRzeG9LLnYdBp8C_nEKHeVJYkRbOQRBgj4riBnvbdOonz9VqIv_DsbqEKm_52qxU0ZrSh25HrARQPMFrKv0CoTHEqvkVbUsizkcBoZZ7B3ctCaSGQ-DiWH0lvzKDXGj7W3QgTmPZXcOBEAj9NWco7qkWqeRNFbVOH9XZwh-uL4H_BhoO3xDN3tSAFVLei4m0VRHDPaYqcENl7SovkQpWSZ4MM8RS6w-Cmg0gmhHinZHWGgMfewGxI6EP4qrqjOpkPT_nt98yiCQlCVinnaMypybo56nRww-z78d7v_yRYsEYvYaXG9jorx20Cbq4mjakXRvUC4iCAnb3jUASnHjBflMbBYbCiv4kFgFfsJdzx77gng16OqEb_rysf97Bt2RwLWeuzSLn_NiZuCp2bZBFsh1dBOQ

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.wtvm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8B66 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvcM5vz4b5k6kU0A2hVDsGWumJ2ttMfKTopBkabWRRB8uUJZofnvrJ2h_f9C2vMjCE-BPcCTnJi-3HaJEemrnLlXbaElOXvWjz36tEuzLmzUy9LQk0kp4URRSUoRw&sai=AMfl-YTzWZK8ljns4nezWBzHV7_SKV27XpEAXL1SfDeYXCy3KQ93PSOEVITikJfcAY9g5UjDFenGIL8BZ0f5LWFsQTJFGt6UFuzvbnMWm1cgkDLebIqW5GCi_Q1mFedfTvrn&sig=Cg0ArKJSzKlBe9RX9_FkEAE&cid=CAASFeRoQOIcKrcuq_9sP1dKpOUxS5cjnA&id=lidar2&mcvt=1000&p=239,1344,279,1385&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210526&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=989044126&rs=4&met=ie&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1622212456511&dlt=21&rpt=2&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 206 file.webm
r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0AD0 29 KB
29 KB 14ms
6ms Media
video/webm 2a00:1450:4001:c::4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::4 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b996b804ec13c4fdfd88ffd6d8833ed8c68f30f0a9c7fb4d075cf765426db824

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=360448-

Response headers

date: Fri, 28 May 2021 14:34:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 10:07:08 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 360448-390265/390266
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 29818
expires: Fri, 28 May 2021 14:34:18 GMT

GET
H2 200 dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212458291;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;
ade.googlesyndication.com/ddm/activity/ Frame 8B66 42 B
498 B 118ms
59ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212458291;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=1;eid3=11;ecn3=1;etm3=0;eid5=12;ecn5=1;etm5=0;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:18 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 206 file.webm
r4---sn-4g5e6nzy.c.2mdn.net/videoplayback/id/029ca034a92d167f/itag/43/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3766471631/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,... Frame 0AD0 285 KB
285 KB 6ms
6ms Media
video/webm 2a00:1450:4001:c::4
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:c::4 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

b484365392f14539ce5dd572cf11f7534f0c61a25111c16acf091c345ac5153f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://s0.2mdn.net/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=98304-

Response headers

date: Fri, 28 May 2021 14:34:18 GMT
x-content-type-options: nosniff
last-modified: Wed, 26 May 2021 10:07:08 GMT
server: gvs 1.0
vary: Origin
content-type: video/webm
Content-Range: bytes 98304-390265/390266
client-protocol: quic
cache-control: private, max-age=86400
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 291962
expires: Fri, 28 May 2021 14:34:18 GMT

GET
H3-29 200 dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212463488;eid1=2;ecn1=0;etm1=5;eid2=12;ecn2=0;etm2=5;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8...
ade.googlesyndication.com/ddm/activity/ Frame 8B66 42 B
63 B 91ms
58ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212463488;eid1=2;ecn1=0;etm1=5;eid2=12;ecn2=0;etm2=5;eid4=14;ecn4=1;etm4=0;eid6=16;ecn6=1;etm6=0;eid8=960584;ecn8=1;etm8=0;eid10=18;ecn10=1;etm10=0;eid12=960585;ecn12=1;etm12=0;eid14=13;ecn14=1;etm14=0;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI14Gtqczs8AIV8Ma7CB1gGwwVEAAYACDA-8dFQhMI2YiEqczs8AIVjIKDBx1a2wJo;met=1;&timestamp=1622212465960;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C385 42 B
107 B 58ms
57ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI14Gtqczs8AIV8Ma7CB1gGwwVEAAYACDA-8dFQhMI2YiEqczs8AIVjIKDBx1a2wJo;met=1;&timestamp=1622212465960;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212466768;eid1=2;ecn1=0;etm1=4;
ade.googlesyndication.com/ddm/activity/ Frame 8B66 42 B
63 B 58ms
57ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIsuzkqczs8AIVWeK7CB0DhwjPEAAYACDV1KVIQhMIvJ6oqczs8AIVTYWDBx2e_QXq;met=1;&timestamp=1622212466768;eid1=2;ecn1=0;etm1=4;

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 28 May 2021 14:34:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

92 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:58:28	Name: IDE Value: AHWqTUkizIDX9A8n7pIGW8uuDU0oiVAkMaLv5QeCvLkY8w_aAv_Do5KM6M5isqbu
.wtvm.com/	1970-01-20 03:58:28	Name: __gads Value: ID=dba901b7d896e114-22e6e99329c800fb:T=1622212454:S=ALNI_MYpYvERMtx8wMrOpjJI7OqDZByVWQ
www.wtvm.com/	1970-01-20 03:22:28	Name: usprivacy Value: 1---
.wtvm.com/	1970-01-20 12:08:04	Name: _ga Value: GA1.2.191645108.1622212455
.wtvm.com/	1970-01-19 18:36:52	Name: _gat_RMD Value: 1
.wtvm.com/	1970-01-19 18:38:18	Name: _gid Value: GA1.2.2116335452.1622212455
.wtvm.com/	1970-01-19 18:36:56	Name: AKA_A2 Value: A

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298(Line 6) Message: Invalid GPT fixed size specification: [[[970,250],[970,90],[728,90]],[[728,90]],[[320,50]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298(Line 6) Message: Invalid GPT fixed size specification: [[[300,600],[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021052401.js?31061298(Line 6) Message: Invalid GPT fixed size specification: [[[120,30]],[[120,30]],[[120,30]]]

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
c.go-mpulse.net
c41f507148625ac8a577bcbdcf54fd5e.safeframe.googlesyndication.com
capi.connatix.com
cd.connatix.com
cdn-images.mailchimp.com
cds.connatix.com
cm.g.doubleclick.net
d1acid63ghtydj.cloudfront.net
d1d3jupgwm7m5r.cloudfront.net
d3mo2m0b34ee8e.cloudfront.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
images.outbrainimg.com
log.outbrainimg.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
odb.outbrain.com
opt.objectiveportal.com
pagead2.googlesyndication.com
r4---sn-4g5e6nzy.c.2mdn.net
reconditerespect.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
sync.teads.tv
tcheck.outbrainimg.com
tpc.googlesyndication.com
us-u.openx.net
use.fontawesome.com
video-api-cdn.raycom.arcpublishing.com
webpubcontent.raycommedia.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.wtvm.com
104.108.145.205
104.111.242.245
13.226.152.108
13.226.156.224
13.226.159.54
13.226.159.88
142.250.185.130
142.250.185.66
142.250.186.38
142.250.186.66
151.101.114.132
151.101.114.137
172.217.16.130
195.201.152.90
2.18.234.190
2.18.234.21
23.111.9.35
2600:9000:20c3:400:b:9517:e380:21
2600:9000:21a1:9800:1b:7b40:7bc0:21
2a00:1450:4001:803::2006
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:809::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2008
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:827::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2006
2a00:1450:4001:831::200a
2a00:1450:4001:831::200e
2a00:1450:4001:c::4
2a00:1450:400c:c0a::9d
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00::210:bab2
2a02:26f0:6c00::210:badb
3.14.176.219
35.201.98.64
35.244.159.8
37.252.172.45
64.202.112.159
64.74.236.191
00658b09a1644aa45a6f86fb45da1ab8dc225d116e07c36e87344098a8098c22
01edb070cc5490fa639dbee73675a4cbcbb9abadd6a9c2683a301d05e0cf2b04
068091506f9bc076aca275bebd665dae3675485b2d0991bc9eb4b717d2a08121
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
0f846ea093794d51d97e952b7825b2eda7d967629e45e0d611fb3735318172a5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14f42df2a56cd1f92639da12fc4b40b3ac6b87d80537c853af58d5a80a0955be
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1d8f65c2ff88dbc47174c25840a86ac128ad620dbbda2e67ebf8293fbccece96
1d9bf0f10749ac9257b89e3c217955f1517e1fc4479f178f0ad6a44ba00105e0
1da5edbf2654621748c13e6c92d53819859a677156ba148667371ac751558fc3
1de052842cd3bd6352973d28124987d9065de8ebe436e9b33a34ec54eca75f7d
1e45ca14bc59eff23fa77a56b5a047910b4bb21832fb69ef9308c3e16caabbe4
20cd49ba1a75e092f1d13481bd8f4dbbd2766b7c556e72fa9b7717bfc9cd223c
236888a9bde0a1cabbd288498b6ba4fb3f4ec7119d2d06666a5a48a82f51f042
25754328d52490deddd886cca5c618a7d5a2c7a92041fe904b62bbbdf1affb4b
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
294ccb80937c3165d62977bd0ef7b39f82c90dd9b8d6329f7742177b4f069152
296097c605159eed06e488ed1f5e96feb1c34796df23fb3017208a11b004cd16
2ae3f63412ff9d0d7eff3492714d8ac1c8cd6f3244f51d47336912c1f29dc427
2b1d246693b8d76f17449020ead36b1488af1d16a198e8f0044a0ee0a5b290a9
2c351a96df156d6c14055ec48530f47b1451dabf41b61e0d9f2c4fa9d1d17b84
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e515f6e09f5e26caff10460e9a027e236ec78caffaa756799730b20f4d33320
304dae540941478098af7c1ebea2155450c2204c698808d9c52cb8f53618a865
3068fbe2b33ba54f8321038abe574366dd8567092c5184aa23cc1c777ce5be69
314620316b791996fa0238a4ec9ec6fdfe87e76f66e7023b8057b713521be828
320bdb63f5150f35fa6b9f3de2f204ed2caea8d6207cdb82ebfafb1ee136f818
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3549909fb4e215a19588709dc44df4a30cd3793e3055de3079d8e9453f19cc30
372a48f55cbbf0d9a2d1722a19e66960beff605158a3d22e959628e40831ec44
3880e893ca312795ce92d215f94d19786485c81eb515adfd1abd7d03e49be91c
3d3a8abd60216a8452a422331bc927f57d3ad87e03ed7564a3185ef7c40689d2
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
47ea6caec4983bf0695d395f6bc725c8df195ebfc569019d8508766032ad6b83
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4fd3de63ec2811cf834073e17f405092a258ce39f624e88aaeeae9bb0e92ae9c
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5415a20bbd8f925ad001d755edc081491ccc572d6b9fe62c6525f1df7cf76ae1
5bdf881868ac7b463d2c26adb5b2191eec0ca3dcf013741fec60d7968b4c5e2b
5c294dfe27e3d514f3b0e0d8a34a5fb590ce2b0b0821079a7a73196942a4c808
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5d6cce43f423798a69c143fd662011a45701e07d98d1ae89cc1aa7ec462a1bd5
60e7fd647364f2ca14c4a7aa17f31c5801c4b5479aefb31ddd85d321f3d2eff5
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
616a9b3ed9614a9dbd25b0a9c29e09272ea78e0daf234a8a4abe9627730a6e03
618bed6f88ada61ec1e171dba4c1857f4626efa7e870ad44c49d697a7010eb27
668dcb2c4d2044ef74d88bb7c754888bbdf92e84b6a5f2607cbc146b70ce93c3
6771a0c052bcc8f1a7cc148eb2117cbdcc3c8d88ffad38f0bb9444c1a037fbbf
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684722f2ec67f3a1b4aad3b445dd37b60d048d66701dfff1f5c40b3bad4fae8a
68c26bdb348b43c4c4b47885ecc3c79248c5b8961888893250631c393f3c4dd4
6987f1fe127dac0f67f325dd79ed8be6b811bd663f44fd7430c1e212655ce061
6a231b77de4f6ee3cecdf94a01808ad89e50dbc02f8b332ba68a9352c217f057
6a98be164cab735e3e1dda9dffb02bd7c7d7545cfd1ca1b628daab62ff1e357f
6aa7181afe0bea9dc4e90e1d040c0b27be388088f6a5ec3d195c60229fe3c9b5
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e0c3388dc0cd74ee5f6a9d11d96a489a7c653649400fee9f830d2cdc0bdb8d6
6f9fbb5f974121e29abd3771141f5eeb1e224c745cd6afac28521d798ca2c304
710a513b42662c67ce117f4fd633e6a2dd3fcbc86f2e29156cc780db2be77c2e
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73e7fe189c666f6823df876991d8ed22d9747b5bf2fac679d36fb8f7010aeae2
73f7170634ab700acc59f931975d255970e00256b62e83f8ec10fd5deeb3b352
75a15851873e2ac6f5134537ae1e72e96ce92a55868f9b8529d780d1a4e1de6c
7617fe0518d6e15ea64699e2c8802b113db6c7e7cebf8c828f16fa48c10bc31f
776db87cdca7bac1bed80f9349b5da2b0afad474b6a1570e5309a499511fe106
7a63e904f545bc5e89edf9b917388d13006f9db8898d496b133ca8dc9513321a
7b6df38dea3b1bba6c7be54440682feafb87748a5693cacb57aac5728f4e20f5
7e198b13e7bbab443c006933f6a84f91b8617ec93c58d7be1191b3f4c2420e52
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
81e9136cb22ac21f52211b7fb365e10e0b143bc951f4f72d74bd890caa23c2a3
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
859b3a8827bf7ba22afb6eaf838857e14468c8bdde33866620671c810b4172e4
87f0d9ad71aa1896ee5af35470e8893b2da0317018bdeaf0026da2bc7217f3be
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8f359cea41f7e97a585f44c7c318c4f2314b2981060da1623e39d8d348ff9150
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9335eafdaee7dc4b18ecf6497d1cff75f36cf675c79ab059ddc1c195dda5cf33
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
98c31433f8e5885cb8ca422d8602dcba92e60dc8401419f0cc897aa513ecc42a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
aa55e57957c57eaae4a51740e3e3ae7c3fcb1c951803b3ce0a6c6c7b66733ece
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b484365392f14539ce5dd572cf11f7534f0c61a25111c16acf091c345ac5153f
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6276b7997f4068062d2673254ff257433e4f0b2438990e88547c710c2888bc7
b6b156ba98e8dfa1ae9b91e4c26502bfb73f079ee0f8a6fa3afa83d4f8d0a8ae
b7da331bb0ab262e42463d99c097422a6ddf8657d52b65be7388c75325ccf0b3
b8a18bd2bfc6be8f0556c1f7ea24f82b3539b6143ef9750b6f25123d5ad49d6c
b996b804ec13c4fdfd88ffd6d8833ed8c68f30f0a9c7fb4d075cf765426db824
ba13eb14297334dae6e28a46ae0fe17da097566413af810fdd449963125dc3df
bc5d4cf6e18131d2611ce0231aac8ac54c6a196f6c9c44239e4b232811404d69
bf70128e63e7895ec1748705f3c4b29ed5b473ca5ba5f8ba38ca485e71a1095f
c18149134738f472e002856a8bab5ec6b313be9679c432d4e2a5640187759719
c550de5f44cb7f71f3ac55fbfe8d31836742c4d70c20d738fb0781c6fb32b1d0
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c751558042cd242729945cadeca90d2513d71ae7811992be768a07751266fa0a
c90df309bbd441476866e3ed38082fb093d93a232addebf0a612bbc57678e78f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc7930c46bc124f85f2f4e68bf9ccd0456d77c48759cd3e301b040e3dcdf57fb
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
ced75f1bc716bded686ead0df9e3c776ddf53e8eafc9d14c9dc114187533fa46
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d000a6576d54373e8d6a27605a29ad0c5a1bce1a996537981f3a01faebc1e17d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e
d8505830998b8fd36576fabb9edcad89de5a2d1fd091676d8683764290995867
da38b17bcd33d8afdfb2ba334966431117fd9717ef7bd752c0102e5340243d15
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de5d65bf02bbd4973d2a3a42587af8ca9ad5776a5d42f09d5d2f8cb7959ec613
df74ff67a7be27ee0973784e9c51beaca74e5936c4f87560bac84adf168492e2
e1dfd759480723e4f5f922e778e56c24af6f20e4b719f6b699cf13ccc5eb13ea
e2f126a8957c32db99e94d1bf7c9ed09fcd38ba99bd632ebd048f01f9c5f9c9b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ff32c8a13b52f21e59e88371a8929b9a1d4de0ef003c0ed1b971aa498e5fcc
e929506757cbb70103e578e662d627594be178e732bf62ff3535b60d44c13a55
ea4fdcc21a72f6a6fa9cd48fa73465ace247e65936e63d25713858398a62e148
ebf8f0ef4d0e174238a2782c450d8b5f75b14882fc4f3becc481fa1d1b5683ac
ec8b1002e700074d62dd69751c896d1862576ebd06bc5c93529abf8f625a5e83
ed58c1d5b38e7abc01bc7a0f227b7e89ce671a7fea269ea64b7c20d08388aab9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef391572f9fbb7bab7fef6ce2c4fc92ad68a8c148889a79cb9f9b1452d851fab
f1010cf08825a41c768a117755a496da61a306c41b83c383ea66f1bb3334bb14
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f2c88f03093347581287f6744bb3a8cd2e198dd2b9e5750b59a050ca0ee376fb
f3bc15c0cd1eabf774d1aed51be4dbde8142ce170b7549625b4288f01cc1f1bd
f6dcd5e930346ac98ef6683cb91ef4a95f95e7f7d919a3da8800ab174e5461d2
f87f30021aa6875cdcedce045701b86fbd1354e41af0c10728459b059e61d392
fcb1c847623b68652a1014e62fbc50613efbc916e410ead94a281d318881ca13
fdd6706650d8f026d77892b593cef31f66715acebdabef395d3fdcd1dfe6239b
ffb9691533694a6ae00f6f315e12a59da40a61d54cb7456d64712319b563f570

www.wtvm.com Open in urlscan Pro 2a02:26f0:6c00::210:badb Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

189 Requests

100 %HTTPS

49 %IPv6

27 Domains

48 Subdomains

46 IPs

3 Countries

3755 kBTransfer

7702 kBSize

7 Cookies

29 Outgoing links

Redirected requests

189 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.wtvm.com Open in urlscan Pro
2a02:26f0:6c00::210:badb Public Scan

Screenshot
Live screenshot

Full Image

189
Requests

100 %
HTTPS

49 %
IPv6

27
Domains

48
Subdomains

46
IPs

3
Countries

3755 kB
Transfer

7702 kB
Size

7
Cookies

189 HTTP transactions
2 data transactions