sacramento.cbslocal.com Open in urlscan Pro
192.0.66.136 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Submission: On January 04 via api (January 4th 2022, 4:36:00 pm UTC) from US — Scanned from DE

Summary HTTP 95 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 25 IPs in 2 countries across 20 domains to perform 95 HTTP transactions. The main IP is 192.0.66.136, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is sacramento.cbslocal.com.
TLS certificate: Issued by Sectigo RSA Organization Validation S... on October 3rd 2021. Valid for: a year.

This is the only time sacramento.cbslocal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	192.0.66.136 192.0.66.136	2635 (AUTOMATTIC) (AUTOMATTIC)
7	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::444 2a04:4e42:3::444	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:e400:14:b4ba:1100:93a1	16509 (AMAZON-02) (AMAZON-02)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
9	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a02:26f0:fb:... 2a02:26f0:fb:5a6::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2606:4700:10:... 2606:4700:10::6814:b944	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.95.105.209 34.95.105.209	15169 (GOOGLE) (GOOGLE)
2	52.218.168.219 52.218.168.219	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
5	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1	34.95.81.205 34.95.81.205	15169 (GOOGLE) (GOOGLE)
1	104.244.42.136 104.244.42.136	13414 (TWITTER) (TWITTER)
1 4	34.216.241.12 34.216.241.12	16509 (AMAZON-02) (AMAZON-02)
4	52.33.158.97 52.33.158.97	16509 (AMAZON-02) (AMAZON-02)
1	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
8	35.241.3.24 35.241.3.24	15169 (GOOGLE) (GOOGLE)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
95	25

30 192.0.66.136 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

sacramento.cbslocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::444 (United States)

ASN54113 (FASTLY, US)

production-cmp.isgprivacy.cbsi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:e400:14:b4ba:1100:93a1 (United States)

ASN16509 (AMAZON-02, US)

wayne.cbslocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: tlb.hwcdn.net

w3.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i2.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:fb:5a6::3282 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

widgets.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widgets-red.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:b944 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.105.209 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 209.105.95.34.bc.googleusercontent.com

launch.newsinc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
launch.inform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.168.219 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-us-west-2-w.amazonaws.com

bh-ems-static-content.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.81.205 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 205.81.95.34.bc.googleusercontent.com

analytics.inform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.136 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.216.241.12 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-241-12.us-west-2.compute.amazonaws.com

enewsadmin.cbslocal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.33.158.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-33-158-97.us-west-2.compute.amazonaws.com

api.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.241.3.24 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 24.3.241.35.bc.googleusercontent.com

m101675-ucdn.mp.lura.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	cbslocal.com 1 redirects sacramento.cbslocal.com wayne.cbslocal.com enewsadmin.cbslocal.com	2 MB
11	wp.com i1.wp.com i0.wp.com i2.wp.com stats.wp.com pixel.wp.com	28 KB
9	lura.live w3.mp.lura.live m101675-ucdn.mp.lura.live	2 MB
7	cookielaw.org cdn.cookielaw.org	127 KB
5	gstatic.com fonts.gstatic.com	114 KB
4	amplitude.com api.amplitude.com	334 B
4	weather.com widgets.media.weather.com widgets-red.media.weather.com api.weather.com	297 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
2	inform.com launch.inform.com analytics.inform.com	271 KB
2	facebook.net connect.facebook.net	84 KB
2	amazonaws.com bh-ems-static-content.s3.amazonaws.com	15 KB
2	googleapis.com fonts.googleapis.com	1 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	83 KB
2	cbsi.com production-cmp.isgprivacy.cbsi.com	107 KB
1	nr-data.net bam-cell.nr-data.net	711 B
1	newrelic.com js-agent.newrelic.com	13 KB
1	quantserve.com secure.quantserve.com	10 KB
1	newsinc.com launch.newsinc.com	721 B
1	onetrust.com geolocation.onetrust.com	374 B
0	adrizer.com Failed run.adrizer.com Failed
95	20

	Domain	Requested by
30	sacramento.cbslocal.com	sacramento.cbslocal.com
8	m101675-ucdn.mp.lura.live
7	cdn.cookielaw.org	sacramento.cbslocal.com cdn.cookielaw.org
6	i1.wp.com	sacramento.cbslocal.com
5	fonts.gstatic.com	fonts.googleapis.com
4	api.amplitude.com	widgets.media.weather.com
4	enewsadmin.cbslocal.com	1 redirects bh-ems-static-content.s3.amazonaws.com
2	widgets-red.media.weather.com	widgets.media.weather.com
2	platform.twitter.com	sacramento.cbslocal.com platform.twitter.com
2	connect.facebook.net	sacramento.cbslocal.com connect.facebook.net
2	bh-ems-static-content.s3.amazonaws.com	sacramento.cbslocal.com bh-ems-static-content.s3.amazonaws.com
2	i0.wp.com	sacramento.cbslocal.com
2	fonts.googleapis.com	sacramento.cbslocal.com bh-ems-static-content.s3.amazonaws.com
2	maxcdn.bootstrapcdn.com	sacramento.cbslocal.com maxcdn.bootstrapcdn.com
2	production-cmp.isgprivacy.cbsi.com	sacramento.cbslocal.com production-cmp.isgprivacy.cbsi.com
1	api.weather.com	widgets.media.weather.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	sacramento.cbslocal.com
1	syndication.twitter.com	platform.twitter.com
1	analytics.inform.com	launch.inform.com
1	pixel.wp.com	sacramento.cbslocal.com
1	secure.quantserve.com	launch.inform.com
1	launch.inform.com	launch.newsinc.com
1	launch.newsinc.com	sacramento.cbslocal.com
1	geolocation.onetrust.com	cdn.cookielaw.org
1	stats.wp.com	sacramento.cbslocal.com
1	widgets.media.weather.com	sacramento.cbslocal.com
1	i2.wp.com	sacramento.cbslocal.com
1	w3.mp.lura.live	sacramento.cbslocal.com
1	wayne.cbslocal.com	sacramento.cbslocal.com
0	run.adrizer.com Failed	sacramento.cbslocal.com
95	31

This site contains links to these domains. Also see Links.

Domain
www.paramountplus.com
apps.cbslocal.com
twitter.com
facebook.com
instagram.com
www.facebook.com
www.youtube.com
www.instagram.com
www.reddit.com
www.linkedin.com
viacomcbs.careers
wpvip.com
policies.cbslocal.com
www.viacomcbsprivacy.com
publicfiles.fcc.gov
viacomcbsprivacy.com
www.onetrust.com

Subject Issuer	Validity	Valid
*.cbslocal.com Sectigo RSA Organization Validation Secure Server CA	`2021-10-03` - `2022-10-03`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2021-06-01` - `2022-05-31`	a year	crt.sh
*.isgprivacy.cbsi.com Sectigo RSA Organization Validation Secure Server CA	`2021-08-16` - `2022-08-16`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-03-01` - `2022-02-28`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.mp.lura.live Sectigo RSA Domain Validation Secure Server CA	`2021-10-18` - `2022-11-18`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
www.weather.com DigiCert SHA2 Secure Server CA	`2021-03-08` - `2022-03-16`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2021-02-12` - `2022-02-11`	a year	crt.sh
*.inform.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-20` - `2022-04-20`	a year	crt.sh
*.s3.amazonaws.com Amazon	`2021-03-22` - `2022-03-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-13` - `2022-01-11`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
enewsadmin.cbslocal.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-05` - `2022-05-16`	a year	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2020-02-18` - `2022-02-13`	2 years	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Frame ID: 49A187AFFA697CC58198552ADF30C5A0
Requests: 83 HTTP requests in this frame

Frame: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Frame ID: A9DD59818A87C42D01B60EF0536FB7BE
Requests: 8 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsacramento.cbslocal.com
Frame ID: F3F24CD0D41324168231A2AE0957F96D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

UC Davis Workers Affected By Kronos Cyberattack – CBS Sacramentobarsbincheckedcloseclouddown-chevrondownexpandexternal-linkfast-forwardfog01101112131415161718192202122232425262728293303132333435363738394404142434445464756789closenafuture-twcicekeylayersleft-chevronlocationminus-thinminusfullMoonfirstQuarterlastQuarternewMoonwaningCrescentwaningGibbouswaxingCrescentwaxingGibbousnext-buttonpause-buttonpause-iconpause-twcplay-buttonplay-icon-engageplay-iconplay-twcplus-thinpluspoolprecipRainprecipMixprecipRainprecipSnowprev-buttonright-chevronsearchsettingsshowershrinkstar-emptystar-fullstop-buttonsunrisesunsettogglesup-chevronvolumewarningwindBack ButtonFilter Button

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

95
Requests

97 %
HTTPS

46 %
IPv6

20
Domains

31
Subdomains

25
IPs

2
Countries

5173 kB
Transfer

8073 kB
Size

3
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.paramountplus.com/?ftag=PPM-06-10aib4i
Title: Paramount+

Search URL Search Domain Scan URL

URL: https://apps.cbslocal.com/sacramento/

Search URL Search Domain Scan URL

URL: https://twitter.com/cbssacramento
Title: twitter_url

Search URL Search Domain Scan URL

URL: https://facebook.com/cbssacramento
Title: facebook_url

Search URL Search Domain Scan URL

URL: https://instagram.com/cbssacramento
Title: instagram_url

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CBSSacramento/
Title: facebook_url

Search URL Search Domain Scan URL

URL: https://www.youtube.com/cbssacramento
Title: youtube_url

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cbssacramento/
Title: instagram_url

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/cbssacramento
Title: reddit_url

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/cbs-sacramento/
Title: linkedin_url

Search URL Search Domain Scan URL

URL: https://viacomcbs.careers/
Title: ViacomCBS Careers

Search URL Search Domain Scan URL

URL: https://wpvip.com/?utm_source=vip_powered_wpcom&utm_medium=web&utm_campaign=VIP%20Footer%20Credit&utm_term=sacramento.cbslocal.com
Title: WordPress VIP

Search URL Search Domain Scan URL

URL: http://policies.cbslocal.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.viacomcbsprivacy.com/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.viacomcbsprivacy.com/donotsell
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

URL: https://www.viacomcbsprivacy.com/cookies
Title: Cookies Policy

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/KOVR
Title: Public File for KOVR-TV / CBS13

Search URL Search Domain Scan URL

URL: http://publicfiles.fcc.gov/tv-profile/KMAX-TV
Title: Public File for KMAX-TV / Good Day Sacramento

Search URL Search Domain Scan URL

URL: https://policies.cbslocal.com/fcc/contactusfcc.html
Title: Public Inspection File Help

Search URL Search Domain Scan URL

URL: https://viacomcbsprivacy.com/cookies
Title: Cookies Policy

Search URL Search Domain Scan URL

URL: https://viacomcbsprivacy.com/policy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 56

https://enewsadmin.cbslocal.com/phase2/bhecho_files/smartlists/check_entry.js HTTP 301
https://enewsadmin.cbslocal.com/two/phase2/bhecho_files/smartlists/check_entry.js

95 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/ 107 KB
26 KB 385ms
351ms Document
text/html 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: df2b580f1e2167117e8f9ea13faabba92d4d1c677951eba50a5aacb0cafb1e24

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Tue, 04 Jan 2022 16:35:55 GMT
content-type: text/html; charset=UTF-8
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
cache-control: max-age=300
link: <https://sacramento.cbslocal.com/wp-json/>; rel="https://api.w.org/" <https://sacramento.cbslocal.com/wp-json/wp/v2/posts/729019>; rel="alternate"; type="application/json" <https://sacramento.cbslocal.com/?p=729019>; rel=shortlink
x-rq: hhn2 0 4 9980
content-encoding: gzip
age: 0
x-cache: miss
vary: Accept-Encoding
accept-ranges: bytes

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 19 KB
7 KB 47ms
27ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: dMq6iJthjOyg56NOUFVpHQ==
age: 14202
vary: Accept-Encoding
content-length: 6508
x-ms-lease-status: unlocked
last-modified: Tue, 04 Jan 2022 03:52:42 GMT
server: cloudflare
etag: 0x8D9CF35A9471075
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: e2ecf141-c01e-000f-4425-013510000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e1fe4caa4351-FRA

GET
H2 200 optanon-v1.1.0.js Show response
production-cmp.isgprivacy.cbsi.com/dist/ 36 KB
11 KB 47ms
6ms Script
application/x-javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0f4a840d4c7c143e4810261ca6f64c873448af9682dee66eedb615bd03415e7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77
via: 1.1 varnish
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-optanon-pipeline:c3e69a92-6ffc-4f91-b3a6-968104a03a23
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
content-length: 10631
x-xss-protection: 1; mode=block
x-served-by: cache-fra19132-FRA
last-modified: Mon, 25 Oct 2021 22:21:49 GMT
x-timer: S1641314155.263680,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "f5dee42377b14f2af4ee89bfca8a0320"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: JVTQZQ6gtmVZikGtU35IF7+uIrjy6ANobUXyruTFvOWwNUj1Cv34wtCVOqgY1BPyS+AinaeJrCg=

GET
H2 200 /
sacramento.cbslocal.com/_static/ 54 KB
7 KB 6ms
6ms Stylesheet
text/css 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJytj0sOwjAMRC9EsFrUSiwQZ8nHlKiOHeUjrk9I2bCCSqxsj/1GY3hEZYULcoFyx4AZrMmKxGoCz5aqe0k5w02kYDq29gA/QRgMuo2NCUm0+w5HqovnDEFcpbbRb4NW98P9QAXNesHUbT4U1UKuReKOlzaPGgxrT4o8r/9PhdQmLv3fa7gM8+k8DeM8Tk91lp9Z
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f2203b599cd331cec0e0e127e80a85bfe5b64439aab0cca9118227cfa5360b63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 14 Dec 2021 20:10:25 GMT
server: nginx
age: 501689
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 7189

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ 30 KB
7 KB 58ms
38ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://sacramento.cbslocal.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 723, 617
age: 22158788
cdn-cachedat: 2021-04-23 07:08:31
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: 360352005a712db600b0386b696149d1
cf-ray: 6c85e1fe4ceac277-FRA
cdn-requestcountrycode: DE
cdn-requestpullsuccess: True

GET
H2 200 css
fonts.googleapis.com/ 3 KB
933 B 37ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=1.0.0

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://sacramento.cbslocal.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:13:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 16:35:55 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 16:35:55 GMT

GET
H2 200 /
sacramento.cbslocal.com/_static/ 26 KB
6 KB 7ms
6ms Stylesheet
text/css 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJyNy0sKgDAMANELWUMrLbgQz1JjUCH9QCLi7bUXELfDG7iqwZKVsoLulEgAFzFcMDKI3kw9inTwxY6MfK4tiUCNGxmlVDnqj7ctxG/MKk3PabJhGL11wfkHIdQ5HA==
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: bcbe6d6462acffc0236d2d8d695413071fa52fb6c8b571b5fb2995ac37cab7b8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 14 Dec 2021 20:10:25 GMT
server: nginx
age: 501689
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 5936

GET
H2 200 cbslocal_custom_global.css
wayne.cbslocal.com/cbs-local-custom-css/global/ 2 KB
3 KB 73ms
8ms Stylesheet
text/css 2600:9000:206f:e400:14:b4ba:1100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://wayne.cbslocal.com/cbs-local-custom-css/global/cbslocal_custom_global.css?ver=1.0.0
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:e400:14:b4ba:1100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2680c4b7bf6353641b532e79f40f2e360de321480d0b08eb8dd7435a3c433e7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: xrkvL2KTeuFQMg7E6kXE9vXgtcuAwjUA
via: 1.1 6165dcc1fdf84ac65e8204c05709f1cb.cloudfront.net (CloudFront)
last-modified: Fri, 05 Nov 2021 18:54:12 GMT
server: AmazonS3
age: 937
etag: "40d2f1b1c9767b53ff16821f9bbc7b37"
x-cache: Hit from cloudfront
content-type: text/css
date: Tue, 04 Jan 2022 16:33:07 GMT
x-amz-meta-version-id: ZakQse3JshhOTcZtyfdFKFjrwTmeOaYE
x-amz-cf-pop: FRA56-C1
content-length: 2330
x-amz-cf-id: 6kF9Ty_J7l4OZkcsNfgHWE86fehKU2MaMFeaSfkdxtt5fPUXGuxNEA==

GET
H2 200 /
sacramento.cbslocal.com/_static/ 248 KB
40 KB 8ms
7ms Stylesheet
text/css 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJydU+1yAiEMfKFG7NXaX50+Sw7iicKFgZz23r45v61Oe/qDmU1gl00IZpvAcivUipElRSrG1gUCWwwmha7xbTGRXRd0Z3cAIrbYUDa2aKZPNJsoejF/CfnWhs4NKeVsvSMQiimgUHmQnDDLCM5v52XJWSwfVc7hA9dTrMnt+TsIwRcBi4KBmwfL0Cq8DQSb2+YdresSbDJGWBC5ve0aztkKqkn07Yl/pe/Umqn14rW6rDPm3hTpA91nrLRR5DxSUM9q4TLQV+opQ6AGbT+OrnuX8RVp9IvplDQkp4kZ8I1I7OBIW5Ek1Gpfp5PZjcYCLdXMQy/WCr4PvXhWTjhB4qLovs4T/yhiXg/S+/OWA+cnpvw/Xd5Q3mYv40sfNA6JgfMVP1/ns+lHNa/e334AH4OVTw==
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 80e63ff2e640e365ec969b3f070c39bde56a74f85e4e9f9e6e49aca2488bd8d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 28 Dec 2021 21:17:33 GMT
server: nginx
age: 586878
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 40486

GET
H2 200 / Show response
sacramento.cbslocal.com/_static/ 133 KB
44 KB 12ms
11ms Script
application/javascript 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJy1UEEOwjAM+xBdYMA4Id5Sumy0pGlZWtB+T5k4sNtA4mTFsR0r8IjKBE7ICdIFPQqYsygKRhNYNpTbQjmBGGjsLFHlLVdOVrDU6BY5IuXesoAPbaay0e1kLqDu9WfCLPqWcRjfsEikvO0HnfCnTpNAec26x+EVPSNUuXdNIX71nC6zSTaw/KMQUpk4Sck9+eOm2a0PdVPvt+4JsMe6Ng==
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8d4d7fb46b39d1c959a641a3f7608ae0291798600cf8713402e2a51e695808c9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 28 Dec 2021 21:17:33 GMT
server: nginx
age: 587194
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 44917

GET
H/1.1 200
OK anvload.js Show response
w3.mp.lura.live/player/prod/v3/scripts/ 265 KB
79 KB 174ms
38ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://w3.mp.lura.live/player/prod/v3/scripts/anvload.js?ver=5.8.2
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: tlb.hwcdn.net
Software: UploadServer /
Resource Hash: f8490531ab6b07cb2b6155c11447ea32318df38ab59c89a7a823604fb2b34500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash: crc32c=on/JkQ==, md5=TFo4ZIfOnl7DdQbh+oYb1g==
Date: Tue, 04 Jan 2022 16:35:55 GMT
Content-Encoding: gzip
X-GUploader-UploadID: ADPycds1ngkE9tveWYXhm5dkkOoK8DKlApXqLoMPmxMW1FP5SjM66uFJEV6aYzPLdCpAbxaYBGlpywxCroP50ZMwxAI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
Connection: Keep-Alive
Content-Length: 80072
Last-Modified: Wed, 22 Dec 2021 13:45:07 GMT
Server: UploadServer
ETag: "4c5a386487ce9e5ec37506e1fa861bd6"
X-HW: 1641314155.dop021.ml1.t,1641314155.cds220.ml1.shn,1641314155.dop021.ml1.t,1641314155.cds029.ml1.c
x-goog-generation: 1640180707920153
Access-Control-Allow-Origin: *
Cache-Control: private
x-goog-stored-content-length: 80072
Accept-Ranges: bytes
Content-Type: text/javascript

GET
H2 200 / Show response
sacramento.cbslocal.com/_static/ 7 KB
2 KB 14ms
13ms Script
application/javascript 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJyFjcEOgzAMQ39oEMEE0g6IbyltVFKlKVrS8furpl12GTfLfrbhPDpfxFAMbMeMCn7Tjot3DCSea2hWUnBhR6UX9pmkT3qDf8XGRy6b40vy5+Jp5BkvOwfXSKKQS6jckpNCRPtMfGWbWPMyzPfHNIzzOKU3CstU0g==
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b5ac1cf729bced42e16359c288ee8767a7dee9d703efdacdcafb6f784e67e6e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 14 Dec 2021 20:10:25 GMT
server: nginx
age: 502503
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 2264

GET
H2 200 3_sacramento_cbs13.png
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2018/02/ 4 KB
4 KB 6ms
6ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2018/02/3_sacramento_cbs13.png?w=311
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d6bd6d2b993746a146115168cf4e08fe45d46d2e4aab5b85e51fff852778a507

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 109 139 443
last-modified: Tue, 23 Nov 2021 13:53:31 GMT
server: nginx
etag: "510b25a760909e4a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 3994
expires: Wed, 23 Nov 2022 13:53:31 GMT

GET
H2 200 blank_1x1.gif
sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/ 1 KB
888 B 9ms
6ms Image
image/gif 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/blank_1x1.gif
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1bc3050ed2fe13c304aa685037fdaf4e1c65baa779ab8b4de62e2db956357279

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4101697
etag: W/"61927634-449"
x-cache: hit
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 802
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 sacramento.jpg
sacramento.cbslocal.com/wp-content/themes/cbs-local/images/app-promos/ 85 KB
66 KB 9ms
6ms Image
image/jpeg 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/images/app-promos/sacramento.jpg
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1c5af1f53f57687651dc322d823e512050cf1cda2187bdea93cab2299333f018

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4100197
etag: W/"61927634-1557f"
x-cache: hit
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 67754
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 sacramento-police-chief-kathy-lester-1.png
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 5 KB
5 KB 30ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/sacramento-police-chief-kathy-lester-1.png?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

1493b5ff5ed26550e9f9db08ac794773e32e51979d6cd5960d3ee1255ae5e03b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 08:02:32 GMT
server: nginx
etag: "f64de66863f99a99"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/sacramento-police-chief-kathy-lester-1.png>; rel="canonical"
content-length: 5134
expires: Wed, 03 Jan 2024 20:02:32 GMT

GET
H2 200 rocklin-burlgary-arrest.jpg
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 970 B
1 KB 30ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/rocklin-burlgary-arrest.jpg?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

01979524c2cdf508b56e465d8cf02b9fc130073a7cb30967e3ba1621fd299cb5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 2
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 06:03:15 GMT
server: nginx
etag: "fe170d6d4dc46d8f"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/rocklin-burlgary-arrest.jpg>; rel="canonical"
content-length: 970
expires: Thu, 04 Jan 2024 18:03:15 GMT

GET
H2 200 wec-closed.png
i0.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 4 KB
5 KB 23ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/wec-closed.png?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

93aaf053e829c9d266fed877033e5e2e0043540566847b5445aa81817612fd33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 20:40:28 GMT
server: nginx
etag: "26104b11b32b7b38"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/wec-closed.png>; rel="canonical"
content-length: 4540
expires: Thu, 04 Jan 2024 08:40:28 GMT

GET
H2 200 apt-fire-roseville.png
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 4 KB
4 KB 30ms
7ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/apt-fire-roseville.png?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

9d7e8053393966dc580d9a8fe9a066ef76de205f9b5d065834bbb58063fe3e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 08:44:05 GMT
server: nginx
etag: "5532d8c70f07d54b"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/apt-fire-roseville.png>; rel="canonical"
content-length: 3716
expires: Thu, 04 Jan 2024 20:44:05 GMT

GET
H2 200 634D7CD0A33FF75B2269103558080774-1.jpg
i2.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 1 KB
2 KB 31ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/634D7CD0A33FF75B2269103558080774-1.jpg?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

cb9c04cf0be07c04879097a4c865739ea18d25daa2d4a80e145b688e0c8b4f22

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 08:44:05 GMT
server: nginx
etag: "7663d417210162cf"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/634D7CD0A33FF75B2269103558080774-1.jpg>; rel="canonical"
content-length: 1444
expires: Thu, 04 Jan 2024 20:44:05 GMT

GET
H2 200 GettyImages-926719206.jpg
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/02/ 1 KB
1 KB 32ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/02/GettyImages-926719206.jpg?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

e371b8dcc031a250c49d0212681ff04157566db169112b49295d9f681b2227d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 08:02:34 GMT
server: nginx
etag: "90611d21fa214cbe"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/02/GettyImages-926719206.jpg>; rel="canonical"
content-length: 1182
expires: Wed, 03 Jan 2024 20:02:34 GMT

GET
H2 200 covid-test.jpg
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 1 KB
1 KB 32ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/covid-test.jpg?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

c535f51728d66a07fd6379cf1dc511ea36ff182bafd4f667203c35d81090c592

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 04 Jan 2022 09:01:44 GMT
server: nginx
etag: "63a2d0efa67a0b1c"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/covid-test.jpg>; rel="canonical"
content-length: 1046
expires: Thu, 04 Jan 2024 21:01:44 GMT

GET
H2 200 sacramento-police-chief-kathy-lester.png
i0.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 5 KB
5 KB 23ms
6ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/sacramento-police-chief-kathy-lester.png?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

45b83f139410925692d60949399c22da337a14c92e096e89e1079aefb45d3403

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 4
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Mon, 03 Jan 2022 06:14:56 GMT
server: nginx
etag: "105b3436d4af5088"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/sacramento-police-chief-kathy-lester.png>; rel="canonical"
content-length: 4958
expires: Wed, 03 Jan 2024 18:14:56 GMT

GET
H2 200 antelope-csi.jpg
i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 504 B
683 B 32ms
10ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/antelope-csi.jpg?resize=55%2C55&ssl=1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i2.wp.com

Software

nginx /

Resource Hash

a4221ee405c5f5d7c2b1a5b891ba0eca3aae58d5b4e6e56c22815018ae5a7233

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Dec 2021 19:58:38 GMT
server: nginx
etag: "7190537ede66a9de"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/antelope-csi.jpg>; rel="canonical"
content-length: 504
expires: Sat, 30 Dec 2023 07:58:38 GMT

GET
H2 200 sacramento.png
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2017/10/ 2 KB
2 KB 14ms
12ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2017/10/sacramento.png
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1507f27f9b35925cf1ca6d3949c006df7e032afc9114006abf1d268ffe2615fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 109 27 443
last-modified: Tue, 23 Nov 2021 14:20:13 GMT
server: nginx
etag: "afe587135dc84def"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1728
expires: Wed, 23 Nov 2022 14:20:13 GMT

GET
H2 200 cbs-local-viacom-logo-white.png
sacramento.cbslocal.com/wp-content/themes/cbs-local/plugins/modules/theme-manager/images/ 16 KB
14 KB 14ms
12ms Image
image/png 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/plugins/modules/theme-manager/images/cbs-local-viacom-logo-white.png
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 5157485dfe96b5d5e5f45eda01524834c13595e3ce3262a33b75f5e2b09a0c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4101793
etag: W/"61927634-40a2"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 14669
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 /
sacramento.cbslocal.com/_static/ 12 KB
2 KB 6ms
6ms Stylesheet
text/css 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJylTlsKgCAQvFDbUmHQR3QWXRcTfIQaXj+JTpB/82awXkAxFA4Fy8meM5LK4CJJhzaQu3WT2CvWzckfBGdzGRsd8H8fTLK6Z6SybOkE1WrD/Xco+kvSu3P4fVqXTUzzOosHFn9rLg==
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 7d2bac0f450732a89bb1683c5ffc39e047ba0687da2f43e7f9999cb6362863fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 14 Dec 2021 20:10:25 GMT
server: nginx
age: 499896
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 1712

GET
H2 200 partners.css
sacramento.cbslocal.com/wp-content/themes/cbs-local/plugins/modules/partners/css/ 3 KB
1000 B 6ms
6ms Stylesheet
text/css 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/plugins/modules/partners/css/partners.css?m=1639512625g
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: c46f37a799c20e2173588693aaff8225ad0383e31427b18d1bce5e0ec4563691

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 14 Dec 2021 20:10:25 GMT
server: nginx
age: 1797126
etag: W/"61b8fa31-d01"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 913
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 / Show response
sacramento.cbslocal.com/_static/ 2 KB
1 KB 7ms
6ms Script
application/javascript 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://sacramento.cbslocal.com/_static/??-eJyVjUsOwyAMBS9UcH5NV1WPUgVwKhNsUDHK9Zvuss3ySTPzYC/GZ1EUBW6mpPYhqRBRy+I303d2gjeJB9coBVgXjy7nzSA7DJZJbKw3uBbRnVTxa5QYEwmeMweVWsBDrv95vnnxs5+n7jHMw32MP0yBQXI=
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cd60f73211d523c38b8e8d7f421c3772f3010a0f8703251102e685fe7f51dca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Tue, 28 Dec 2021 21:17:33 GMT
server: nginx
age: 587207
vary: Accept-Encoding
x-cache: hit
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 1227

GET
H2 200 wxwidget.loader.js Show response
widgets.media.weather.com/ 517 KB
121 KB 327ms
122ms Script
text/javascript 2a02:26f0:fb:5a6::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:fb:5a6::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.20.0 / Express

Resource Hash

c0c1eb58fda11232d296b6f67e6190061aa5a827251ef0e245a478ff8a765390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
etag: W/"81218-yWzqhfqxhVGi7oCNx0iT+ohuZtU"
server: nginx/1.20.0
x-powered-by: Express
x-cache-status: MISS
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=67125
date: Tue, 04 Jan 2022 16:35:55 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 123370
expires: Wed, 05 Jan 2022 11:14:40 GMT

GET
H2 200 e-202201.js Show response
stats.wp.com/ 9 KB
3 KB 28ms
8ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202201.js
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 31 Dec 2022 23:13:22 GMT

GET
H2 200 7547764e-53b9-4fff-aef7-ce9cb429c721.json Show response
cdn.cookielaw.org/consent/7547764e-53b9-4fff-aef7-ce9cb429c721/ 4 KB
2 KB 38ms
21ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7547764e-53b9-4fff-aef7-ce9cb429c721/7547764e-53b9-4fff-aef7-ce9cb429c721.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce0c7ef95cf301e27161602498891e8bda3a1463a6d0006225cc363539c00c13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 0A5diEB3muY5eljeRxqDxg==
age: 13658
vary: Accept-Encoding
content-length: 1430
x-ms-lease-status: unlocked
last-modified: Tue, 31 Aug 2021 22:02:30 GMT
server: cloudflare
etag: 0x8D96CCB07695EA4
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: bc4a7cdb-401e-001e-8063-cc020b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e1fe9f2ad6e1-FRA
expires: Tue, 04 Jan 2022 20:35:55 GMT

GET
H2 200 shamanNotifier.js Show response
production-cmp.isgprivacy.cbsi.com/cps/ 349 KB
96 KB 21ms
20ms Script
application/x-javascript 2a04:4e42:3::444
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://production-cmp.isgprivacy.cbsi.com/cps/shamanNotifier.js

Requested by

Host: production-cmp.isgprivacy.cbsi.com
URL: https://production-cmp.isgprivacy.cbsi.com/dist/optanon-v1.1.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::444 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

25e98a63977ee0f337a49990683a9754331b678acbd0259592f18bebabafb3bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2135
via: 1.1 varnish
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:us-east-2:485666168322:build/prod-shaman-notifier-pipeline:4d2ea653-50b5-4b59-95ce-eca60789d114
x-cache: HIT
x-cache-hits: 63
vary: Accept-Encoding
content-length: 98191
x-xss-protection: 1; mode=block
x-served-by: cache-fra19132-FRA
last-modified: Thu, 09 Dec 2021 19:44:42 GMT
x-timer: S1641314155.493637,VS0,VE0
x-frame-options: SAMEORIGIN
etag: "1187e21c301257c03ca05611228a887a"
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/x-javascript
access-control-allow-origin: *
access-control-expose-headers: X-CDN
accept-ranges: bytes
x-amz-id-2: NOWz1LAsbsynFkyoVWeYlGKo/vbNtdaAnflL0QcE7E5pc6PWz4zXiCf7ElDD5UMjQLHoI29HB8Y=

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 165 B
374 B 47ms
31ms Script
text/javascript 2606:4700:10::6814:b944
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:b944 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-ray: 6c85e2000f9d2484-FRA

GET track.min.js
run.adrizer.com/ 0
0

GET
H2 200 embed.js Show response
launch.newsinc.com/js/ 208 B
721 B 89ms
7ms Script
application/javascript 34.95.105.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://launch.newsinc.com/js/embed.js
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJy1UEEOwjAM+xBdYMA4Id5Sumy0pGlZWtB+T5k4sNtA4mTFsR0r8IjKBE7ICdIFPQqYsygKRhNYNpTbQjmBGGjsLFHlLVdOVrDU6BY5IuXesoAPbaay0e1kLqDu9WfCLPqWcRjfsEikvO0HnfCnTpNAec26x+EVPSNUuXdNIX71nC6zSTaw/KMQUpk4Sck9+eOm2a0PdVPvt+4JsMe6Ng==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.105.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 209.105.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 71b4fa19a4ed21aa1def9219942ddc11bff922a06a5828bf007d9dab48067bf8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:08:47 GMT
x-goog-meta-goog-reserved-file-mtime: 1555959412
age: 1628
x-guploader-uploadid: ADPycdufWj0KKGIxPVD4vej0xKm9qcEi8is3yORDQlKUkVPwnzMSUMYxGITmhI3swERcFpXxlhDpCbtLuxM6JI42dBL7OJvgqQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 208
last-modified: Tue, 30 Apr 2019 17:17:32 GMT
server: UploadServer
etag: "1398347a0368431b9b14993a23edca6a"
x-goog-hash: crc32c=ULK8kg==, md5=E5g0egNoQxubFJk6I+3Kag==
content-language: en
x-goog-generation: 1556644652929924
cache-control: public, max-age=3600
x-goog-stored-content-length: 208
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 04 Jan 2022 17:08:47 GMT

GET
H/1.1 200
OK cbs_local_form_f.html Show response
bh-ems-static-content.s3.amazonaws.com/cbsi/2706/ Frame A9DD 12 KB
13 KB 658ms
167ms Document
text/html 52.218.168.219
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: c8e31ccf6dfaa59c974aafe5dd814618619fb659c7c11314d9020ea16c298873

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/

Response headers

x-amz-id-2: iMB8Ue4F6P0HALtp1W5CVoI5+Bine5X/IPz9NbpHhnEl0z/qGUaPKu41ddgehZub5Z6XZVDp2G4=
x-amz-request-id: 1212ED7VSGNS8V80
Date: Tue, 04 Jan 2022 16:35:57 GMT
Last-Modified: Tue, 17 Dec 2019 08:08:29 GMT
ETag: "c657bdd7255f0386576a775c8e7afd17"
x-amz-meta-cb-modifiedtime: Tue, 17 Dec 2019 08:08:03 GMT
x-amz-version-id: 2Stx39K_4FKh8E5JivhKizTHyoLgSKlr
Accept-Ranges: bytes
Content-Type: text/html
Server: AmazonS3
Content-Length: 12518

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 1038ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJyVjUsOwyAMBS9UcH5NV1WPUgVwKhNsUDHK9Zvuss3ySTPzYC/GZ1EUBW6mpPYhqRBRy+I303d2gjeJB9coBVgXjy7nzSA7DJZJbKw3uBbRnVTxa5QYEwmeMweVWsBDrv95vnnxs5+n7jHMw32MP0yBQXI=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3f909cd75aa7bfe580c47bf5822688dba5caac20cceb4c416ec4dd0f08682e5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: NGZafZ1+wN9WTAfXHlEpmw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: agM8CRCAurUELpIK4kZfZsMOi4bJC29Ija5WPdk9NBrqRd0TAe6CcdI81/7VMldo1WGicukSV8IxdUDFvFgvLw==
x-fb-trip-id: 917726464
x-fb-content-md5: c1730f57e47a3686e467dbf8fbbcd15c
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Tue, 04 Jan 2022 16:35:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "af521dcebbfda357ae6f5b5423ba38a8"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 04 Jan 2022 16:50:15 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 281ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJyVjUsOwyAMBS9UcH5NV1WPUgVwKhNsUDHK9Zvuss3ySTPzYC/GZ1EUBW6mpPYhqRBRy+I303d2gjeJB9coBVgXjy7nzSA7DJZJbKw3uBbRnVTxa5QYEwmeMweVWsBDrv95vnnxs5+n7jHMw32MP0yBQXI=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6796) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 16:35:55 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Age: 1173
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Content-Length: 29126
x-tw-cdn: VZ
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/6796)
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800

GET
H2 200 social-media-color-v2.png
sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/sprites/ 22 KB
21 KB 7ms
6ms Image
image/png 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/sprites/social-media-color-v2.png
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJydU+1yAiEMfKFG7NXaX50+Sw7iicKFgZz23r45v61Oe/qDmU1gl00IZpvAcivUipElRSrG1gUCWwwmha7xbTGRXRd0Z3cAIrbYUDa2aKZPNJsoejF/CfnWhs4NKeVsvSMQiimgUHmQnDDLCM5v52XJWSwfVc7hA9dTrMnt+TsIwRcBi4KBmwfL0Cq8DQSb2+YdresSbDJGWBC5ve0aztkKqkn07Yl/pe/Umqn14rW6rDPm3hTpA91nrLRR5DxSUM9q4TLQV+opQ6AGbT+OrnuX8RVp9IvplDQkp4kZ8I1I7OBIW5Ek1Gpfp5PZjcYCLdXMQy/WCr4PvXhWTjhB4qLovs4T/yhiXg/S+/OWA+cnpvw/Xd5Q3mYv40sfNA6JgfMVP1/ns+lHNa/e334AH4OVTw==
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: d57815d84d1c5bcad4e891fa3637ccf41000a3130eeca1764bf5b870def87d87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/_static/??-eJydU+1yAiEMfKFG7NXaX50+Sw7iicKFgZz23r45v61Oe/qDmU1gl00IZpvAcivUipElRSrG1gUCWwwmha7xbTGRXRd0Z3cAIrbYUDa2aKZPNJsoejF/CfnWhs4NKeVsvSMQiimgUHmQnDDLCM5v52XJWSwfVc7hA9dTrMnt+TsIwRcBi4KBmwfL0Cq8DQSb2+YdresSbDJGWBC5ve0aztkKqkn07Yl/pe/Umqn14rW6rDPm3hTpA91nrLRR5DxSUM9q4TLQV+opQ6AGbT+OrnuX8RVp9IvplDQkp4kZ8I1I7OBIW5Ek1Gpfp5PZjcYCLdXMQy/WCr4PvXhWTjhB4qLovs4T/yhiXg/S+/OWA+cnpvw/Xd5Q3mYv40sfNA6JgfMVP1/ns+lHNa/e334AH4OVTw==
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4100783
etag: W/"61927634-59b2"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 21837
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 social-media-blue-v2.png
sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/sprites/ 18 KB
17 KB 7ms
7ms Image
image/png 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/images/global/sprites/social-media-blue-v2.png
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJytj0sOwjAMRC9EsFrUSiwQZ8nHlKiOHeUjrk9I2bCCSqxsj/1GY3hEZYULcoFyx4AZrMmKxGoCz5aqe0k5w02kYDq29gA/QRgMuo2NCUm0+w5HqovnDEFcpbbRb4NW98P9QAXNesHUbT4U1UKuReKOlzaPGgxrT4o8r/9PhdQmLv3fa7gM8+k8DeM8Tk91lp9Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 04701af970b70e438437ab5e05abb4869148fb5ad9c1c5b5778749f9c5352655

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/_static/??-eJytj0sOwjAMRC9EsFrUSiwQZ8nHlKiOHeUjrk9I2bCCSqxsj/1GY3hEZYULcoFyx4AZrMmKxGoCz5aqe0k5w02kYDq29gA/QRgMuo2NCUm0+w5HqovnDEFcpbbRb4NW98P9QAXNesHUbT4U1UKuReKOlzaPGgxrT4o8r/9PhdQmLv3fa7gM8+k8DeM8Tk91lp9Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4100783
etag: W/"61927634-4818"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 17335
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ 23 KB
24 KB 30ms
6ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:12:18 GMT
x-content-type-options: nosniff
age: 505417
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 20:12:18 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
23 KB 36ms
12ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:12:20 GMT
x-content-type-options: nosniff
age: 591815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:12:20 GMT

GET
H2 200 S6u9w4BMUTPHh50XSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ 22 KB
22 KB 38ms
15ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh50XSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato%3A300%2C400%2C700%2C900&ver=1.0.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 23:06:17 GMT
x-content-type-options: nosniff
age: 581378
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22572
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:56 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 23:06:17 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/ 75 KB
76 KB 23ms
16ms Font
font/woff2 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: maxcdn.bootstrapcdn.com
URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
cdn-edgestorageid: 601, 617, 718
age: 5843617
cdn-cachedat: 2021-08-02 20:43:32
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
access-control-allow-origin: *
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
server: cloudflare
cdn-requestpullcode: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: font/woff2
cdn-cache: HIT
vary: Accept-Encoding
cache-control: public, max-age=31919000
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestid: d2c0deedf0336195459ff3d69bf3f858
accept-ranges: bytes
cf-ray: 6c85e1fff81ec277-FRA
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.23.0/ 312 KB
75 KB 14ms
14ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: joMckLq8BtEunD8NH/4XVA==
age: 12473
vary: Accept-Encoding
content-length: 76366
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:58 GMT
server: cloudflare
etag: 0x8D96DBF6CBEE741
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 804868b5-301e-0077-1904-f65da7000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e2009a724351-FRA

GET
H2 200 embed.js Show response
launch.inform.com/2/js/ 270 KB
271 KB 25ms
8ms Script
application/javascript 34.95.105.209
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://launch.inform.com/2/js/embed.js
Requested by: Host: launch.newsinc.com
URL: https://launch.newsinc.com/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.105.209 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 209.105.95.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b6001c79ff05080996f77cd3e4561352163af6996b6f6f434ac6fc96fe67b605

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:25:15 GMT
x-goog-meta-goog-reserved-file-mtime: 1568920283
age: 640
x-guploader-uploadid: ADPycdu6OUtug-PXvutgs30mAdDxWXRSwHeOHSKxTINLZwzwJx5lQmJUPXiEjiNmhmnjWScTKUNI8_sm4wMYCv8otDV5mIOzCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 276619
last-modified: Thu, 19 Sep 2019 19:12:50 GMT
server: UploadServer
etag: "4ce437e3e9be478eae83573da9cd057b"
x-goog-hash: crc32c=CMT3cA==, md5=TOQ34+m+R46ug1c9qc0Few==
content-language: en
x-goog-generation: 1568920370729109
cache-control: public, max-age=3600
x-goog-stored-content-length: 276619
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 04 Jan 2022 17:25:15 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/7547764e-53b9-4fff-aef7-ce9cb429c721/e85c1ee3-5deb-4520-b7c1-33019ce83f8e/ 121 KB
22 KB 23ms
23ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/7547764e-53b9-4fff-aef7-ce9cb429c721/e85c1ee3-5deb-4520-b7c1-33019ce83f8e/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97f2c9e32cad92f3ff1b3e7cc050c5d52370e118a6932abfddbc8721539cf084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: DoSTS9S8I60Pllm/qOKhhQ==
age: 11232
vary: Accept-Encoding
content-length: 22061
x-ms-lease-status: unlocked
last-modified: Tue, 31 Aug 2021 22:02:13 GMT
server: cloudflare
etag: 0x8D96CCAFD4440C1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 49f12979-701e-013b-5115-b6dced000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e200ead7d6e1-FRA
expires: Tue, 04 Jan 2022 20:35:55 GMT

GET
H2 200 otFloatingRoundedCorner.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 10 KB
3 KB 15ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otFloatingRoundedCorner.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: hTIYVomvm2FVlc/U1vXWew==
age: 6711919
vary: Accept-Encoding
content-length: 2568
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:52 GMT
server: cloudflare
etag: 0x8D96DBF69B0506A
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: fa0ddda7-001e-005d-376c-c428e2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e2012b3ad6e1-FRA

GET
H2 200 otPcTab.json Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 57 KB
14 KB 15ms
15ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otPcTab.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ULEj+AmhmqX/My/OHG+gcg==
age: 6711919
vary: Accept-Encoding
content-length: 14253
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:11:52 GMT
server: cloudflare
etag: 0x8D96DBF697C8C7D
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 03a3eda3-d01e-0179-4e6c-c4f7f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 6c85e2012b3cd6e1-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.23.0/assets/ 20 KB
4 KB 16ms
16ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.23.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.23.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Ye6OeZcNyuFoWog7CYs00A==
age: 6711919
vary: Accept-Encoding
x-ms-lease-status: unlocked
last-modified: Thu, 02 Sep 2021 03:12:05 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 4126b0b3-001e-0019-386c-c4f48e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 6c85e2012b3ed6e1-FRA

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: launch.inform.com
URL: https://launch.inform.com/2/js/embed.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
etag: "FMCWFRCBdbNj8Eh2c0G78Q=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 11 Jan 2022 16:35:55 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
93 B 7ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.4&blog=162246063&post=729019&tz=-8&srv=sacramento.cbslocal.com&host=sacramento.cbslocal.com&ref=&fcp=806&rand=0.4170085689683234
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 04 Jan 2022 16:35:55 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 personality-social-icons.png
sacramento.cbslocal.com/wp-content/themes/cbs-local/includes/images/thumbnail-social-link-icons/ 46 KB
45 KB 7ms
6ms Image
image/png 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/themes/cbs-local/includes/images/thumbnail-social-link-icons/personality-social-icons.png
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/_static/??-eJytj0sOwjAMRC9EsFrUSiwQZ8nHlKiOHeUjrk9I2bCCSqxsj/1GY3hEZYULcoFyx4AZrMmKxGoCz5aqe0k5w02kYDq29gA/QRgMuo2NCUm0+w5HqovnDEFcpbbRb4NW98P9QAXNesHUbT4U1UKuReKOlzaPGgxrT4o8r/9PhdQmLv3fa7gM8+k8DeM8Tk91lp9Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f9a31cee5907cb828c9686bcec4eda7eca22bc4bdee8b2915ee31f7aee8525ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/_static/??-eJytj0sOwjAMRC9EsFrUSiwQZ8nHlKiOHeUjrk9I2bCCSqxsj/1GY3hEZYULcoFyx4AZrMmKxGoCz5aqe0k5w02kYDq29gA/QRgMuo2NCUm0+w5HqovnDEFcpbbRb4NW98P9QAXNesHUbT4U1UKuReKOlzaPGgxrT4o8r/9PhdQmLv3fa7gM8+k8DeM8Tk91lp9Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
x-rq: hhn2 0 4 9980
last-modified: Mon, 15 Nov 2021 15:01:08 GMT
server: nginx
age: 4095755
etag: W/"61927634-b9af"
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-encoding: gzip
content-length: 46024
expires: Wed, 04 Jan 2023 16:35:55 GMT

GET
H2 200 pl Show response
analytics.inform.com/ 43 B
192 B 147ms
94ms XHR
image/gif 34.95.81.205
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.inform.com/pl?uut=5b7d8729-ba4b-4717-e386-a857b0ef6340&insid=4552f587-011c-4f3c-1eac-70cc5d4a5668&atei=0&atets=0&vw=1600&vh=1200&sw=1600&sh=1200&furl=https%253A%252F%252Fsacramento.cbslocal.com%252F2021%252F12%252F16%252Fuc-davis-workers-kronos-cyberattack%252F&ua=chrome+96&embedCount=0&eo=https%3A%2F%2Fsacramento.cbslocal.com%2F2021%2F12%2F16%2Fuc-davis-workers-kronos-cyberattack%2F&iframe=0&fe=0&fv=0&env=production&bn=2&ref=&_=1641314155854
Requested by: Host: launch.inform.com
URL: https://launch.inform.com/2/js/embed.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.81.205 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 205.81.95.34.bc.googleusercontent.com
Software: nginx/1.17.0 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept: */*
Referer: https://sacramento.cbslocal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:55 GMT
via: 1.1 google
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.17.0
content-type: image/gif
access-control-allow-origin: https://sacramento.cbslocal.com
alt-svc: clear
content-length: 43

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame F3F2 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsacramento.cbslocal.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6772) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 2232570
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 04 Jan 2022 16:35:55 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6772)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H2 200 settings Show response
syndication.twitter.com/ Frame F3F2 232 B
448 B 142ms
127ms Fetch
application/json 104.244.42.136
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=d661656402bb92c9356b1194c3851b66a08cad9f

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fsacramento.cbslocal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.136 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 120
date: Tue, 04 Jan 2022 16:35:55 GMT
content-encoding: gzip
last-modified: Tue, 04 Jan 2022 16:35:56 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 128e42d44e79af3675b0acb39fa8cded129ddb8e371d86eab8704af7d68b48fa
content-length: 166

GET
H2

200

check_entry.js Show response
enewsadmin.cbslocal.com/two/phase2/bhecho_files/smartlists/ Frame A9DD
Redirect Chain

https://enewsadmin.cbslocal.com/phase2/bhecho_files/smartlists/check_entry.js
https://enewsadmin.cbslocal.com/two/phase2/bhecho_files/smartlists/check_entry.js

3 KB
4 KB

307ms
307ms

Script
text/javascript

34.216.241.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://enewsadmin.cbslocal.com/two/phase2/bhecho_files/smartlists/check_entry.js
Requested by: Host: bh-ems-static-content.s3.amazonaws.com
URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Protocol: H2
Server: 34.216.241.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-241-12.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: d8ed54f09696c15d1cc32ba39976fec13d51b776ec5c5d64e09eb42700ccfe6c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bh-ems-static-content.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 04:47:10 GMT
server: Apache
etag: "bc3-5d28710edef80"
vary: X-Forwarded-Proto
content-type: text/javascript
cache-control: max-age=18000
amfplus-ver: 1.4.0.0
accept-ranges: bytes
content-length: 3011
expires: Tue, 04 Jan 2022 21:35:57 GMT

Redirect headers

location: https://enewsadmin.cbslocal.com/two/phase2/bhecho_files/smartlists/check_entry.js
date: Tue, 04 Jan 2022 16:35:56 GMT
server: Apache
content-length: 289
content-type: text/html; charset=iso-8859-1

GET
H2 200 jquery-1.9.1.js Show response
enewsadmin.cbslocal.com/builder/js/ Frame A9DD 262 KB
263 KB 840ms
462ms Script
text/javascript 34.216.241.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://enewsadmin.cbslocal.com/builder/js/jquery-1.9.1.js
Requested by: Host: bh-ems-static-content.s3.amazonaws.com
URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.241.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-241-12.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bh-ems-static-content.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 04:47:09 GMT
server: Apache
etag: "4185d-5d28710dead40"
vary: X-Forwarded-Proto
content-type: text/javascript
cache-control: max-age=18000
amfplus-ver: 1.4.0.0
accept-ranges: bytes
content-length: 268381
expires: Tue, 04 Jan 2022 21:35:56 GMT

GET
H2 200 jquery.validate.js Show response
enewsadmin.cbslocal.com/builder/js/ Frame A9DD 38 KB
38 KB 687ms
309ms Script
text/javascript 34.216.241.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://enewsadmin.cbslocal.com/builder/js/jquery.validate.js
Requested by: Host: bh-ems-static-content.s3.amazonaws.com
URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.216.241.12 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-216-241-12.us-west-2.compute.amazonaws.com
Software: Apache /
Resource Hash: 562b70e166462955c6fb79b9ad1e5406a3c7d2f68584ae3a19c1b74a78ed980d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bh-ems-static-content.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:56 GMT
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 07 Dec 2021 04:47:09 GMT
server: Apache
etag: "9708-5d28710dead40"
vary: X-Forwarded-Proto
content-type: text/javascript
cache-control: max-age=18000
amfplus-ver: 1.4.0.0
accept-ranges: bytes
content-length: 38664
expires: Tue, 04 Jan 2022 21:35:56 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame A9DD 2 KB
412 B 30ms
15ms Stylesheet
text/css 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato:400,700,900

Requested by

Host: bh-ems-static-content.s3.amazonaws.com
URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c41d685a2cd44db5c83be7ec5c47745b7f969f26c44c72a052c447656c920043

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bh-ems-static-content.s3.amazonaws.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 04 Jan 2022 16:12:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 04 Jan 2022 16:35:56 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 04 Jan 2022 16:35:56 GMT

GET
H/1.1 200
OK mail_icon.jpg
bh-ems-static-content.s3.amazonaws.com/cbsi/2706/img/ Frame A9DD 2 KB
2 KB 168ms
167ms Image
image/jpeg 52.218.168.219
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/img/mail_icon.jpg
Requested by: Host: bh-ems-static-content.s3.amazonaws.com
URL: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.168.219 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-us-west-2-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: a33543abd5834d293d8bcf1c7fa313ea8062135c70b8cdb70b5cda6e215c02aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bh-ems-static-content.s3.amazonaws.com/cbsi/2706/cbs_local_form_f.html?market=sacramento
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-meta-cb-modifiedtime: Thu, 12 Apr 2018 03:27:22 GMT
Date: Tue, 04 Jan 2022 16:35:58 GMT
Last-Modified: Thu, 12 Apr 2018 03:24:01 GMT
Server: AmazonS3
x-amz-request-id: B4ZD3E0V7Z70TPTX
ETag: "25b6fdc5834044d58a248b240a63af6a"
x-amz-version-id: NGgJMkTlV._ujfl_dHndh7o1O2HS_BEI
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 1725
x-amz-id-2: D75E3e9KzYctMx/2q5XAUBDM/k4TEGQt/m0qwz6k9DcJH3aDvz+YQ340gG4xBNgjB1UPREZhr7c=

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 290 KB
82 KB 19ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=53a011dc272ca6337d002a830863421f

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

414d341a41c14a2d46f04417651234003045a89be98907990eac5dbbc2776a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://sacramento.cbslocal.com/
Origin: https://sacramento.cbslocal.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: oRG3HZDNzhDzvgjYSzggiQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 83415
x-fb-rlafr: 0
x-fb-debug: +soiN0QoMjC2lI/ovMrvB30Tye632APCu5GQzszkfS3mURozzL402+uaaBsbbg/fZ2HskHJPy7226kMOVS1vRw==
x-fb-content-md5: 982c66556bdc757a567bbfa1542fc632
x-frame-options: DENY
date: Tue, 04 Jan 2022 16:35:56 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "8061a59dfddcceb22cb7ff2506ac3c3a"
timing-allow-origin: *
priority: u=3,i
expires: Wed, 04 Jan 2023 15:07:04 GMT

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v20/ Frame A9DD 23 KB
23 KB 26ms
11ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bh-ems-static-content.s3.amazonaws.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 29 Dec 2021 20:12:18 GMT
x-content-type-options: nosniff
age: 505419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23484
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:19:01 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 29 Dec 2022 20:12:18 GMT

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v20/ Frame A9DD 22 KB
22 KB 22ms
8ms Font
font/woff2 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v20/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:400,700,900

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bh-ems-static-content.s3.amazonaws.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 20:12:20 GMT
x-content-type-options: nosniff
age: 591817
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22992
x-xss-protection: 0
last-modified: Tue, 10 Aug 2021 00:18:57 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 28 Dec 2022 20:12:20 GMT

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 485ms
158ms Preflight 52.33.158.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.158.97 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-158-97.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cross-origin-resource-policy
Origin: https://sacramento.cbslocal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: cross-origin-resource-policy
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 165ms
165ms XHR
text/html 52.33.158.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.158.97 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-158-97.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sacramento.cbslocal.com/
Cross-Origin-Resource-Policy: cross-origin
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 04 Jan 2022 16:35:58 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 wxwidget.common.js Show response
widgets-red.media.weather.com/ 742 KB
169 KB 1523ms
1505ms Script
text/javascript 2a02:26f0:fb:5a6::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-red.media.weather.com/wxwidget.common.js?cid=934888385&v=035f73f1436fcbacfa0c

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:fb:5a6::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

f9f4371a4445ea909cd35eae5533a0c4bf6224810530756efcf0d55a2ace55b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.20.0
etag: W/"b96a2-AyY2p+EAQAtjdZQduIzbkje1y+0"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=599
date: Tue, 04 Jan 2022 16:35:59 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Tue, 04 Jan 2022 16:45:58 GMT

GET
H2 200 wxwidget.current-conditions.js Show response
widgets-red.media.weather.com/widgets/ 24 KB
6 KB 450ms
432ms Script
text/javascript 2a02:26f0:fb:5a6::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-red.media.weather.com/widgets/wxwidget.current-conditions.js?cid=934888385&v=035f73f1436fcbacfa0c&referrer=sacramento.cbslocal.com

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:fb:5a6::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx/1.20.0 /

Resource Hash

34b62dc3ab94aaaf4c2c6fd27e8c23a465fe600c956ffd30ef4fdd9ef473be08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.20.0
etag: W/"6130-Uq17WVbLfd410dycPT/vGvT3WHE"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600
date: Tue, 04 Jan 2022 16:35:57 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 5565
expires: Tue, 04 Jan 2022 16:45:57 GMT

GET
H2 200 nr-1212.min.js Show response
js-agent.newrelic.com/ 34 KB
13 KB 38ms
21ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1212.min.js
Requested by: Host: sacramento.cbslocal.com
URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id: S6r4yaeB6jo_ZylmZ_5cM21n7ZH1t6gc
content-encoding: gzip
etag: "9dfe540eb31e6fc0e0dddd91e3511f68"
x-amz-request-id: YXKSRKQXSAVQSE4H
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 12828
x-amz-id-2: O4JKwZC9VFoJXBRd/NFCO0gPTS39j/XLNaWXaKgHazkl5CgZvT66crlfLN37ZUtrHbYn5R9QuA4=
x-served-by: cache-fra19157-FRA
last-modified: Thu, 04 Nov 2021 21:16:16 GMT
server: AmazonS3
x-timer: S1641314158.543764,VS0,VE0
date: Tue, 04 Jan 2022 16:35:57 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 13017

GET
H2 200 263F0CAEF4B055EE9EB0BA39F08D49B8.jpg
m101675-ucdn.mp.lura.live/anv-iupl/263/F0C/ 280 KB
280 KB 192ms
164ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/263/F0C/263F0CAEF4B055EE9EB0BA39F08D49B8.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=qXOyIVOgy1VSsMiFwaRRHqGHMkc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 7ffe9379916d10552791da4f5d6c76ad8513cff5b429784cf5e99573f485d701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdvRnkMdzKU9kl8dJCa61Vdv0u_o7fv9tUmTL4SCR31N2oOgTKcisS9Wq4TS-lWp0MzIa6uQYCPNN6KpY_ct0weF5LsOVA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 286697
last-modified: Tue, 04 Jan 2022 15:32:17 GMT
server: UploadServer
etag: "4cf093b4a55658ee32e55829afeb99cc"
x-goog-hash: crc32c=7fKzpA==, md5=TPCTtKVWWO4y5Vgpr+uZzA==
x-goog-generation: 1641310337480852
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 286697
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 0C3343558CF52451ADA187971EFC7C2A.jpg
m101675-ucdn.mp.lura.live/anv-iupl/0C3/343/ 243 KB
243 KB 186ms
159ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/0C3/343/0C3343558CF52451ADA187971EFC7C2A.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=is4a9HvSMRec-QRcIRewdpEiCLs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 1248e44430cd845ebd815781fd4bbd18df69e93a0ca6dedd5fa0ef17b191717e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdtijx3lCnc5iTXv5uLPpcoSmDVTL4AYCREzoZiDlszwDw0lK2xq_PC4ku1w0eUoqO7GSvBCw0ALqVLtnE_JQT66UjtrQA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 248862
last-modified: Tue, 04 Jan 2022 15:28:56 GMT
server: UploadServer
etag: "71cb3a6642799328beadd4804084d9a3"
x-goog-hash: crc32c=MPI96Q==, md5=ccs6ZkJ5kyi+rdSAQITZow==
x-goog-generation: 1641310136744085
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 248862
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 E18070C799449A8EFE3E81540C6E3E76.jpg
m101675-ucdn.mp.lura.live/anv-iupl/E18/070/ 225 KB
226 KB 193ms
166ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/E18/070/E18070C799449A8EFE3E81540C6E3E76.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=i2kQVVTl9qt4HbQqwr-LCg72ZAQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: b80f971fe4e359d908c6b7dae74a7d02aee2536fe7c70933c49763a618767bbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdsUdHawBXE0KzTPEhgdDYdxiEPkFqBOLrqODettyOAYY4sYxbw-8Hy69k9BkSpeaf1iwy8G-Q41sHie4AA1i3Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 230859
last-modified: Tue, 04 Jan 2022 15:21:06 GMT
server: UploadServer
etag: "ef6928a7495756cb24a442236e484608"
x-goog-hash: crc32c=sMCTHg==, md5=72kop0lXVsskpEIjbkhGCA==
x-goog-generation: 1641309666724263
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 230859
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 GettyImages-1291819448.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 39 KB
39 KB 10ms
6ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/GettyImages-1291819448.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 21dbb481d97cd8524c3dcf2c4ddbcfcec42eeba7fe08c779922a3b55ffa1c18c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 196 443
last-modified: Tue, 04 Jan 2022 16:33:48 GMT
server: nginx
etag: "16afb84745d7de3f"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 40256
expires: Wed, 04 Jan 2023 16:33:48 GMT

GET
H2 200 DF30EE2CD37D42A0B4A8020536529BD6.jpeg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 29 KB
29 KB 11ms
6ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/DF30EE2CD37D42A0B4A8020536529BD6.jpeg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 4a9f3c43f55d4ecbfe2ba662ac293f7fc6b9b424fbe2eb3530cacdff87cb98ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 83 443
last-modified: Tue, 04 Jan 2022 16:19:49 GMT
server: nginx
etag: "74f5f3cc470ff662"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30028
expires: Wed, 04 Jan 2023 16:19:49 GMT

GET
H2 200 PLACER-CO-DEPUTY-SHOVELS-SNOW.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 50 KB
50 KB 11ms
6ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/PLACER-CO-DEPUTY-SHOVELS-SNOW.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 29246bd0464e77ba1a212d9897e38193a60554676d67ea689b9dcef53ad2b6ed

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 139 443
last-modified: Tue, 04 Jan 2022 16:19:49 GMT
server: nginx
etag: "135cdae7d22e2d68"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 51600
expires: Wed, 04 Jan 2023 16:19:49 GMT

GET
H2 200 7B342547D33DDE24BFCD10555590A5DD.jpg
m101675-ucdn.mp.lura.live/anv-iupl/7B3/425/ 301 KB
302 KB 182ms
155ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/7B3/425/7B342547D33DDE24BFCD10555590A5DD.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=s5_P5p3U6OmxXHGLyvwDtC1iccc
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 29f5bad433ba5bdd89d1eb05da28d9ed386601508ecc56bc42bd86b627607d3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdtK_Mw6TG-rZxgeUPTksUcL0UAICh35gwWG0qDWWLuuxOomvvYHCzxg_W7AMbfT_yeSH3wOTe5z0p4JbnhaOoifjuXJjQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 308508
last-modified: Tue, 04 Jan 2022 02:54:22 GMT
server: UploadServer
etag: "3d650408666030bd03c8d5a1da8606b1"
x-goog-hash: crc32c=XwMGtA==, md5=PWUECGZgML0DyNWh2oYGsQ==
x-goog-generation: 1641264862822831
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 308508
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 06E801151EE3D1B2B8C440C0E1308B98.jpg
m101675-ucdn.mp.lura.live/anv-iupl/06E/801/ 462 KB
463 KB 193ms
166ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/06E/801/06E801151EE3D1B2B8C440C0E1308B98.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=papavW1zE61IH8Ia2G2Ne8G85fw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: ee5295f13ca649b64ccc980c4f8a8c51f25e443fdbf9bbc8738257609c2dd78e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdvhB8znRBTrZcxnxcWPrCXd3UmToo3qb26CUMCLlqXLDVNqHKrYxK-RWs2QmghPtRVhO_4VEsSDQg6aM-PLb2UVB_14aw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 473257
last-modified: Mon, 03 Jan 2022 21:00:15 GMT
server: UploadServer
etag: "968df82c5c17bdc650ae633b3ede8292"
x-goog-hash: crc32c=rOuEbw==, md5=lo34LFwXvcZQrmM7Pt6Ckg==
x-goog-generation: 1641243615804913
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 473257
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 634D7CD0A33FF75B2269103558080774.jpg
m101675-ucdn.mp.lura.live/anv-iupl/634/D7C/ 208 KB
208 KB 176ms
150ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/634/D7C/634D7CD0A33FF75B2269103558080774.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=zrKT0pNGf7JsH82M6uAZUVv8WqQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5477936b81543eeb046036c8a25ef0d68a0a5ed8755ac4a62649975ae7fbddaf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
content-encoding: none
age: 0
x-guploader-uploadid: ADPycdtFiFpMv4pCQ11yVnRXbOgY3rU172X7pvtrde1XwU_vYxOHaEBdu9XhwBG2NkvuRkZhCpPx-zRXFM3xGecT0tq46yi0fQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: none
alt-svc: clear
content-length: 212939
last-modified: Mon, 03 Jan 2022 15:01:23 GMT
server: UploadServer
etag: "104acedd4112c0bac231a3c267cb53c5"
x-goog-hash: crc32c=AubBkA==, md5=EErO3UESwLrCMaPCZ8tTxQ==
x-goog-generation: 1641222083142209
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 212939
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 GettyImages-1201508898-1.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2020/01/ 54 KB
54 KB 19ms
15ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2020/01/GettyImages-1201508898-1.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1d8408c3ed080578a47e2a70785fcc9825420074fadb2668c5aed8a6030cdb32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 144 443
last-modified: Mon, 03 Jan 2022 18:30:35 GMT
server: nginx
etag: "eaa720b70c79fc7c"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 54886
expires: Tue, 03 Jan 2023 18:30:35 GMT

GET
H2 200 GettyImages-1362429462.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/ 88 KB
88 KB 19ms
16ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2022/01/GettyImages-1362429462.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 473b3cdaff88cc5db1dc8705a118868e006e99970e6016a7c688aaa31ea9276b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 142 443
last-modified: Sun, 02 Jan 2022 21:36:38 GMT
server: nginx
etag: "7e74ad37e1d45fd1"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 89612
expires: Mon, 02 Jan 2023 21:36:38 GMT

GET
H2 200 GettyImages-1362140904.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 78 KB
78 KB 19ms
16ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/GettyImages-1362140904.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 42ad18553dd994e4bb088a02721d0a5c23f63431d0b8a9a012f27a8e148f2f48

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 86 443
last-modified: Sat, 01 Jan 2022 01:35:40 GMT
server: nginx
etag: "5ff8b11a50b7608a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 79856
expires: Sun, 01 Jan 2023 01:35:40 GMT

GET
H2 200 GettyImages-1361245794.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 115 KB
115 KB 19ms
16ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/GettyImages-1361245794.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 8e662e5bad9e57608828a84f7636449c7a97d54afd9513a46cc1a0a0a27c8b3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 28 443
last-modified: Fri, 31 Dec 2021 03:49:56 GMT
server: nginx
etag: "ec43725ed09591cc"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 117358
expires: Sat, 31 Dec 2022 03:49:56 GMT

GET
H2 200 Screen-Shot-2021-12-16-at-3.32.07-PM-27.png
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 283 KB
283 KB 19ms
16ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/Screen-Shot-2021-12-16-at-3.32.07-PM-27.png?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 931855441b1a0de8c470a291329a62f527002b5caa8418a8c337257af5800253

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 30 443
last-modified: Fri, 17 Dec 2021 21:37:37 GMT
server: nginx
etag: "49b523b47f9f3bd0"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 289824
expires: Sat, 17 Dec 2022 21:37:37 GMT

GET
H2 200 surviror-41-cbs-photo.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 285 KB
286 KB 19ms
16ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/surviror-41-cbs-photo.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 2f8300574f32142a77969ab5f0296880a70d73b55bdb33b7408dc3ed2e3397f9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 195 443
last-modified: Thu, 16 Dec 2021 16:47:01 GMT
server: nginx
etag: "292d77b74ad7c222"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 292178
expires: Fri, 16 Dec 2022 16:47:01 GMT

GET
H2 200 GettyImages-654352808-e1639583279563.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 31 KB
31 KB 19ms
17ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/GettyImages-654352808-e1639583279563.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e02eea71731a2b89c79ce7dd1d9979ad96cc2df1b85c7f641329d44dda96ae9b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 30 443
last-modified: Thu, 16 Dec 2021 16:47:01 GMT
server: nginx
etag: "a9041fedbb10cc23"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 31956
expires: Fri, 16 Dec 2022 16:47:01 GMT

GET
H2 200 hotmessholiday.jpeg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 29 KB
30 KB 35ms
32ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/hotmessholiday.jpeg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 604df8e24bfd37e54c4a3dc8f09c6c903cb85cb20e89699dbe7b9933a1ab971f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 200 443
last-modified: Fri, 10 Dec 2021 01:36:03 GMT
server: nginx
etag: "fd5f0ac22020e3cd"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30120
expires: Sat, 10 Dec 2022 01:36:03 GMT

GET
H2 200 117527_48257b.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 86 KB
86 KB 35ms
33ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/117527_48257b.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ac0f0afbf9b772435bd76494a46ea1cebfb75a263847a2ba8147849587fcf87d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 140 443
last-modified: Fri, 10 Dec 2021 00:21:51 GMT
server: nginx
etag: "eeeab7063e24944a"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 88240
expires: Sat, 10 Dec 2022 00:21:51 GMT

GET
H2 200 RVD604a_0180r.jpg
sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/ 37 KB
37 KB 35ms
33ms Image
image/webp 192.0.66.136
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sacramento.cbslocal.com/wp-content/uploads/sites/15909776/2021/12/RVD604a_0180r.jpg?w=640&h=360&crop=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.136 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: b281b5a1c8394272e801ab5aef9b4b39bd90825ab46412039198d1b9e77438a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
x-rq: hhn2 109 83 443
last-modified: Tue, 07 Dec 2021 00:06:47 GMT
server: nginx
etag: "d63a7f5d920b459b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 37458
expires: Wed, 07 Dec 2022 00:06:47 GMT

GET
H2 200 8D982FE13816345924035112B94995D1.jpg
m101675-ucdn.mp.lura.live/anv-iupl/8D9/82F/ 175 KB
176 KB 162ms
162ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/8D9/82F/8D982FE13816345924035112B94995D1.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=duRdtUCop0tVt0NQSnqXEmmKgRE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 3c6cce60beaa1d7b4bfcc88fcbf8e35513c7ecb1b6c98e41485137718df23381

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdv2TM9jGDe81DSeqzHMpnDu8zPxYTMj-vaQAEGGoSDQ6GclOquse9u2Qp-XaNHONV4XdxqbP8m0uPwfz2qbICdwrDLkEg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 179568
last-modified: Tue, 04 Jan 2022 15:26:31 GMT
server: UploadServer
etag: "0ab77874e89bee9a69156e84b4f5a232"
x-goog-hash: crc32c=54nG4g==, md5=Crd4dOib7pppFW6EtPWiMg==
x-goog-generation: 1641309991972021
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 179568
accept-ranges: bytes
content-type: image/jpeg

GET
H2 200 882BE4AAE180D8BADC381B31A7F78F26.jpg
m101675-ucdn.mp.lura.live/anv-iupl/882/BE4/ 98 KB
98 KB 135ms
135ms Image
image/jpeg 35.241.3.24
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m101675-ucdn.mp.lura.live/anv-iupl/882/BE4/882BE4AAE180D8BADC381B31A7F78F26.jpg?Expires=1735948800&KeyName=mcpkey1&Signature=9reEsTLwYkPHohJIbY2CZlJy5Hg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.3.24 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 24.3.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: baa1c009134d0d649f1a30d99cf01edce1d37531bd689aad6ee33311596a319f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 04 Jan 2022 16:35:57 GMT
age: 0
x-guploader-uploadid: ADPycdt9m_5d9XOu4qVh6BSJzY1_lmCT-ur-JX1xmSu1FdlEnhP_eu6s-9esjst0jRfREXD_hGO41wI2kOgusVSAFftmYrPqqA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: clear
content-length: 99900
last-modified: Tue, 04 Jan 2022 06:58:59 GMT
server: UploadServer
etag: "6d7aac8b69a09a62b39a4f65f96e0308"
x-goog-hash: crc32c=1xLfSQ==, md5=bXqsi2mgmmKzmk9l+W4DCA==
x-goog-generation: 1641279539093404
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Date, ETag, Access-Control-Allow-Origin
cache-control: max-age=3600,public
x-goog-stored-content-length: 99900
accept-ranges: bytes
content-type: image/jpeg

GET
H/1.1 200
OK 103fa8ca15 Show response
bam-cell.nr-data.net/1/ 49 B
711 B 910ms
891ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/103fa8ca15?a=144794115&v=1212.e95d35c&to=ZwdaZBdUX0VTVEBRC15NeVMRXF5YHV5aXAFI&rst=2815&ck=1&ref=https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/&ap=315&be=481&fe=2769&dc=1040&perf=%7B%22timing%22:%7B%22of%22:1641314154744,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:20,%22c%22:20,%22s%22:25,%22ce%22:35,%22rq%22:35,%22rp%22:386,%22rpe%22:475,%22dl%22:388,%22di%22:1038,%22ds%22:1039,%22de%22:1082,%22dc%22:2737,%22l%22:2769,%22le%22:2780%7D,%22navigation%22:%7B%7D%7D&fp=806&fcp=806&at=S0BNEl9OTBoQVhYCH00f&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1212.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://sacramento.cbslocal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Tue, 04 Jan 2022 16:35:58 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 6c85e20cef8a4d84-FRA

OPTIONS
H2 200 /
api.amplitude.com/ Frame 0
0 158ms
158ms Preflight 52.33.158.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.158.97 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-158-97.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cross-origin-resource-policy
Origin: https://sacramento.cbslocal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 04 Jan 2022 16:35:59 GMT
content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET, POST
access-control-allow-headers: cross-origin-resource-policy
strict-transport-security: max-age=15768000

POST
H2 200 / Show response
api.amplitude.com/ 7 B
167 B 179ms
179ms XHR
text/html 52.33.158.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.amplitude.com/

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.33.158.97 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-33-158-97.us-west-2.compute.amazonaws.com

Software

Resource Hash

aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Referer: https://sacramento.cbslocal.com/
Cross-Origin-Resource-Policy: cross-origin
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 04 Jan 2022 16:35:59 GMT
content-length: 7
strict-transport-security: max-age=15768000
access-control-allow-methods: GET, POST
content-type: text/html;charset=utf-8

GET
H2 200 observations.json Show response
api.weather.com/v1/geocode/38.575764/-121.478851/ 1 KB
889 B 632ms
582ms XHR
application/json 2a02:26f0:fb:5a6::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://api.weather.com/v1/geocode/38.575764/-121.478851/observations.json?language=en-US&units=e&apiKey=35d9608b339540bd99608b339520bdcb

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=934888385&ver=1.1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:fb:5a6::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bcc56bdbeb43af8588c4cb551d1b7832645a22894bedfc8d45558e0644f0a701

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'
Strict-Transport-Security	max-age=86400
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/plain, */*
Referer: https://sacramento.cbslocal.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Tue, 04 Jan 2022 16:35:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
grace
x-shard: varnish-service-oapi-monolith-varnish-10
x-region: fra05
vary: Accept-Encoding
content-length: 527
x-served-by: varnish-service-oapi-monolith-varnish-8
strict-transport-security: max-age=86400
content-language: en-US
access-control-allow-origin: *
cache-control: public, max-age=188, s-maxage=300
content-security-policy: default-src 'none'
accept-ranges: bytes
content-type: application/json;charset=UTF-8
expires: Tue, 04 Jan 2022 16:39:07 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: run.adrizer.com
URL: http://run.adrizer.com/track.min.js

Verdicts & Comments Add Verdict or Comment

99 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cbslocal.com/	1970-01-20 08:40:50	Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Tue+Jan+04+2022+16%3A35%3A55+GMT%2B0000+(GMT)&version=6.23.0&isIABGlobal=false&hosts=&consentId=2607498c-c29e-4c7c-803c-734fcee7235d&interactionCount=0&landingPath=https%3A%2F%2Fsacramento.cbslocal.com%2F2021%2F12%2F16%2Fuc-davis-workers-kronos-cyberattack%2F&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0%2C5%3A0
enewsadmin.cbslocal.com/	1970-01-20 00:05:18	Name: AWSALBCORS Value: I1h6E239q8898WoHupKGcM8HfezBLV2Qidr6YwzLeJC9Kbi+bo+K0t2+cHPn1gDBw3h0LspWKy3Ld5cxLIs/9cIsLAr6bJQITp4oVbSYkxNzk5ZJk14pjho38xVM
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: b8fc82d20951d7f5

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/ Message: Mixed Content: The page at 'https://sacramento.cbslocal.com/2021/12/16/uc-davis-workers-kronos-cyberattack/' was loaded over HTTPS, but requested an insecure script 'http://run.adrizer.com/track.min.js'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.inform.com
api.amplitude.com
api.weather.com
bam-cell.nr-data.net
bh-ems-static-content.s3.amazonaws.com
cdn.cookielaw.org
connect.facebook.net
enewsadmin.cbslocal.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
i0.wp.com
i1.wp.com
i2.wp.com
js-agent.newrelic.com
launch.inform.com
launch.newsinc.com
m101675-ucdn.mp.lura.live
maxcdn.bootstrapcdn.com
pixel.wp.com
platform.twitter.com
production-cmp.isgprivacy.cbsi.com
run.adrizer.com
sacramento.cbslocal.com
secure.quantserve.com
stats.wp.com
syndication.twitter.com
w3.mp.lura.live
wayne.cbslocal.com
widgets-red.media.weather.com
widgets.media.weather.com
run.adrizer.com
104.244.42.136
151.101.2.137
162.247.243.147
192.0.66.136
192.0.76.3
192.0.77.2
2600:9000:206f:e400:14:b4ba:1100:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6814:b944
2606:4700::6810:9540
2606:4700::6812:acf
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a02:26f0:fb:5a6::3282
2a03:2880:f02d:100:face:b00c:0:3
2a04:4e42:3::444
34.216.241.12
34.95.105.209
34.95.81.205
35.241.3.24
52.218.168.219
52.33.158.97
69.16.175.10
01979524c2cdf508b56e465d8cf02b9fc130073a7cb30967e3ba1621fd299cb5
04701af970b70e438437ab5e05abb4869148fb5ad9c1c5b5778749f9c5352655
0f4a840d4c7c143e4810261ca6f64c873448af9682dee66eedb615bd03415e7d
1248e44430cd845ebd815781fd4bbd18df69e93a0ca6dedd5fa0ef17b191717e
1493b5ff5ed26550e9f9db08ac794773e32e51979d6cd5960d3ee1255ae5e03b
1507f27f9b35925cf1ca6d3949c006df7e032afc9114006abf1d268ffe2615fc
1bc3050ed2fe13c304aa685037fdaf4e1c65baa779ab8b4de62e2db956357279
1c5af1f53f57687651dc322d823e512050cf1cda2187bdea93cab2299333f018
1d8408c3ed080578a47e2a70785fcc9825420074fadb2668c5aed8a6030cdb32
21dbb481d97cd8524c3dcf2c4ddbcfcec42eeba7fe08c779922a3b55ffa1c18c
25e98a63977ee0f337a49990683a9754331b678acbd0259592f18bebabafb3bc
2680c4b7bf6353641b532e79f40f2e360de321480d0b08eb8dd7435a3c433e7c
29246bd0464e77ba1a212d9897e38193a60554676d67ea689b9dcef53ad2b6ed
29f5bad433ba5bdd89d1eb05da28d9ed386601508ecc56bc42bd86b627607d3c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2e26546fe02973398b85689be6c6f31533e60f49a725061b9848ba5bdc5989aa
2ee6fdf3d0f4d826380054030e5a9fd6fc8c451d9fe28123f1d76e632332e659
2f149e7c38f464d9bd33c60ec2f2cf3ef8b9ff5a713015193a5122b06b955a7b
2f8300574f32142a77969ab5f0296880a70d73b55bdb33b7408dc3ed2e3397f9
30c7c639fd48a0186026f900282a3b92893c32043019a5efb0ddf7e0805e296f
34b62dc3ab94aaaf4c2c6fd27e8c23a465fe600c956ffd30ef4fdd9ef473be08
3c6cce60beaa1d7b4bfcc88fcbf8e35513c7ecb1b6c98e41485137718df23381
3cd60f73211d523c38b8e8d7f421c3772f3010a0f8703251102e685fe7f51dca
3f909cd75aa7bfe580c47bf5822688dba5caac20cceb4c416ec4dd0f08682e5a
414d341a41c14a2d46f04417651234003045a89be98907990eac5dbbc2776a8d
42ad18553dd994e4bb088a02721d0a5c23f63431d0b8a9a012f27a8e148f2f48
45b83f139410925692d60949399c22da337a14c92e096e89e1079aefb45d3403
473b3cdaff88cc5db1dc8705a118868e006e99970e6016a7c688aaa31ea9276b
487fce51fd801415c362f3f9f2df43c445a4b9ba38f9b6d49dfc898dc85ede94
4a9f3c43f55d4ecbfe2ba662ac293f7fc6b9b424fbe2eb3530cacdff87cb98ac
4d2a74d8b25e1ccd4b1294b0b937804bc24aeea7f46edad3f3c1f91604d2708c
5157485dfe96b5d5e5f45eda01524834c13595e3ce3262a33b75f5e2b09a0c94
5477936b81543eeb046036c8a25ef0d68a0a5ed8755ac4a62649975ae7fbddaf
562b70e166462955c6fb79b9ad1e5406a3c7d2f68584ae3a19c1b74a78ed980d
604df8e24bfd37e54c4a3dc8f09c6c903cb85cb20e89699dbe7b9933a1ab971f
71b4fa19a4ed21aa1def9219942ddc11bff922a06a5828bf007d9dab48067bf8
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
77ae4fb56d2da594993ef6f0203c0cef103af28f7e4c5e0ac045909137422cf9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd80d06c01c0340c1b9159b9b4a197db882ca18cbac8e9b9aa025e68f998d40
7d2bac0f450732a89bb1683c5ffc39e047ba0687da2f43e7f9999cb6362863fe
7d4243c8e973ec0cfc707904891ae4e3efc03dbc8923acb9755f9a35c92269a6
7ffe9379916d10552791da4f5d6c76ad8513cff5b429784cf5e99573f485d701
80e63ff2e640e365ec969b3f070c39bde56a74f85e4e9f9e6e49aca2488bd8d4
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8d3ca80fa271e94b0c36cf3053b0f806b7a42bb3395b424c99dc0bd218f0ac20
8d4d7fb46b39d1c959a641a3f7608ae0291798600cf8713402e2a51e695808c9
8e662e5bad9e57608828a84f7636449c7a97d54afd9513a46cc1a0a0a27c8b3c
931855441b1a0de8c470a291329a62f527002b5caa8418a8c337257af5800253
93aaf053e829c9d266fed877033e5e2e0043540566847b5445aa81817612fd33
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
97f2c9e32cad92f3ff1b3e7cc050c5d52370e118a6932abfddbc8721539cf084
99ac0e388250281fe8851ef71799b3222bab0db5612c2c17deba3962626e0ec1
9d7e8053393966dc580d9a8fe9a066ef76de205f9b5d065834bbb58063fe3e47
a33543abd5834d293d8bcf1c7fa313ea8062135c70b8cdb70b5cda6e215c02aa
a4221ee405c5f5d7c2b1a5b891ba0eca3aae58d5b4e6e56c22815018ae5a7233
ac0f0afbf9b772435bd76494a46ea1cebfb75a263847a2ba8147849587fcf87d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b281b5a1c8394272e801ab5aef9b4b39bd90825ab46412039198d1b9e77438a0
b5ac1cf729bced42e16359c288ee8767a7dee9d703efdacdcafb6f784e67e6e5
b6001c79ff05080996f77cd3e4561352163af6996b6f6f434ac6fc96fe67b605
b80f971fe4e359d908c6b7dae74a7d02aee2536fe7c70933c49763a618767bbd
b91234b576455d66e12dd661a2539eb2418a831078ecef9ebc7f4bbd4e580d9c
baa1c009134d0d649f1a30d99cf01edce1d37531bd689aad6ee33311596a319f
bcbe6d6462acffc0236d2d8d695413071fa52fb6c8b571b5fb2995ac37cab7b8
bcc56bdbeb43af8588c4cb551d1b7832645a22894bedfc8d45558e0644f0a701
c0c1eb58fda11232d296b6f67e6190061aa5a827251ef0e245a478ff8a765390
c3c0d3f472358aac78455515c4800771426770c22698e2486d39fdb5505634e1
c41d685a2cd44db5c83be7ec5c47745b7f969f26c44c72a052c447656c920043
c46f37a799c20e2173588693aaff8225ad0383e31427b18d1bce5e0ec4563691
c535f51728d66a07fd6379cf1dc511ea36ff182bafd4f667203c35d81090c592
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c8e31ccf6dfaa59c974aafe5dd814618619fb659c7c11314d9020ea16c298873
cb9c04cf0be07c04879097a4c865739ea18d25daa2d4a80e145b688e0c8b4f22
ce0c7ef95cf301e27161602498891e8bda3a1463a6d0006225cc363539c00c13
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d57815d84d1c5bcad4e891fa3637ccf41000a3130eeca1764bf5b870def87d87
d6bd6d2b993746a146115168cf4e08fe45d46d2e4aab5b85e51fff852778a507
d8ed54f09696c15d1cc32ba39976fec13d51b776ec5c5d64e09eb42700ccfe6c
df2b580f1e2167117e8f9ea13faabba92d4d1c677951eba50a5aacb0cafb1e24
e02eea71731a2b89c79ce7dd1d9979ad96cc2df1b85c7f641329d44dda96ae9b
e371b8dcc031a250c49d0212681ff04157566db169112b49295d9f681b2227d5
e8fd6832e13fca9622a46af5fddb394c358ef083d84002896aca34613d77780e
ee5295f13ca649b64ccc980c4f8a8c51f25e443fdbf9bbc8738257609c2dd78e
f2203b599cd331cec0e0e127e80a85bfe5b64439aab0cca9118227cfa5360b63
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f8490531ab6b07cb2b6155c11447ea32318df38ab59c89a7a823604fb2b34500
f9a31cee5907cb828c9686bcec4eda7eca22bc4bdee8b2915ee31f7aee8525ac
f9f4371a4445ea909cd35eae5533a0c4bf6224810530756efcf0d55a2ace55b1

sacramento.cbslocal.com Open in urlscan Pro 192.0.66.136 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

95 Requests

97 %HTTPS

46 %IPv6

20 Domains

31 Subdomains

25 IPs

2 Countries

5173 kBTransfer

8073 kBSize

3 Cookies

22 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

sacramento.cbslocal.com Open in urlscan Pro
192.0.66.136 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

97 %
HTTPS

46 %
IPv6

20
Domains

31
Subdomains

25
IPs

2
Countries

5173 kB
Transfer

8073 kB
Size

3
Cookies

95 HTTP transactions
0 data transactions