www.kiro7.com Open in urlscan Pro
2.16.187.65 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemploymen...
Effective URL:
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemploymen...
Submission: On August 03 via automatic, source phishtank (August 3rd 2020, 2:38:11 pm UTC)

Summary HTTP 181 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 51 IPs in 7 countries across 43 domains to perform 181 HTTP transactions. The main IP is 2.16.187.65, located in Ascension Island and belongs to AKAMAI-ASN1, EU. The main domain is www.kiro7.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 27th 2020. Valid for: 3 months.

This is the only time www.kiro7.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 25	2.16.187.65 2.16.187.65	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	23.111.9.35 23.111.9.35	33438 (HIGHWINDS2) (HIGHWINDS2)
1	2a00:1450:400... 2a00:1450:4001:81e::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:214... 2600:9000:214f:1000:a:588b:e680:93a1	16509 (AMAZON-02) (AMAZON-02)
5	99.86.0.120 99.86.0.120	16509 (AMAZON-02) (AMAZON-02)
1	23.210.250.13 23.210.250.13	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:816::2008	15169 (GOOGLE) (GOOGLE)
2	23.210.250.44 23.210.250.44	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:185::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
4	54.183.239.235 54.183.239.235	16509 (AMAZON-02) (AMAZON-02)
26	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81b::2002	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
11	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:7000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700::68... 2606:4700::6810:51a5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	52.45.140.238 52.45.140.238	14618 (AMAZON-AES) (AMAZON-AES)
2 6	23.37.53.17 23.37.53.17	16625 (AKAMAI-AS) (AKAMAI-AS)
1	23.210.248.65 23.210.248.65	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2600:9000:214... 2600:9000:214f:c400:16:b34:fdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:400c:c06::9b	15169 (GOOGLE) (GOOGLE)
2 4	2a00:1450:400... 2a00:1450:4001:81d::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
4	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
6	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
3	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:4001:81e::2001	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE)
2	64.202.112.159 64.202.112.159	23352 (SERVERCEN...) (SERVERCENTRAL)
2	52.44.69.185 52.44.69.185	14618 (AMAZON-AES) (AMAZON-AES)
1	2a04:4e42:3::714 2a04:4e42:3::714	54113 (FASTLY) (FASTLY)
1 2	52.95.123.167 52.95.123.167	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:192::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	13.89.172.6 13.89.172.6	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	151.101.113.194 151.101.113.194	54113 (FASTLY) (FASTLY)
2	151.101.113.181 151.101.113.181	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:4001:81f::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:205... 2600:9000:2057:9000:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
2	3.128.54.90 3.128.54.90	16509 (AMAZON-02) (AMAZON-02)
3	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.35.254.61 13.35.254.61	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:181::3282	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	15.236.175.233 15.236.175.233	16509 (AMAZON-02) (AMAZON-02)
181	51

25 2.16.187.65 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-187-65.deploy.static.akamaitechnologies.com

www.kiro7.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:214f:1000:a:588b:e680:93a1 (United States)

ASN16509 (AMAZON-02, US)

membercenter-sdk.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 99.86.0.120 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-0-120.fra6.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.250.13 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-13.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.250.44 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-250-44.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:185::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.183.239.235 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-239-235.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
15.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd308.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:7000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:51a5 (United States)

ASN13335 (CLOUDFLARENET, US)

www.lightboxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.45.140.238 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-140-238.compute-1.amazonaws.com

pr.realvu.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.37.53.17 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-53-17.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.65 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-65.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:c400:16:b34:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

member-center-api.cmg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.210.249.164 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 35.244.159.8 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

coxmediagroup-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.249 (Ascension Island)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:819::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.202.112.159 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.44.69.185 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-69-185.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:3::714 (Ascension Island)

ASN54113 (FASTLY, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.95.123.167 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:192::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.89.172.6 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

lightboxapi.azurewebsites.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.194 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

includemodal.global.ssl.fastly.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.113.181 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:9000:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.128.54.90 (Seattle, United States)

ASN16509 (AMAZON-02, US)

includemodal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.35.254.61 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-254-61.fra6.r.cloudfront.net

public.servenobid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:181::3282 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)

widgets-green.media.weather.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.175.233 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)

twcimaxweb.112.2o7.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
29	taboola.com cdn.taboola.com trc.taboola.com 15.taboola.com images.taboola.com vidstat.taboola.com am-match.taboola.com am-vid-events.taboola.com imprammp.taboola.com	779 KB
25	kiro7.com 1 redirects www.kiro7.com	518 KB
14	googlesyndication.com 3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	148 KB
14	doubleclick.net 2 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	105 KB
7	amazon-adsystem.com 1 redirects c.amazon-adsystem.com aax-eu.amazon-adsystem.com	31 KB
6	openx.net coxmediagroup-d.openx.net eu-u.openx.net	1 KB
6	scorecardresearch.com 2 redirects sb.scorecardresearch.com	4 KB
5	realvu.net pr.realvu.net	74 KB
5	lightboxcdn.com www.lightboxcdn.com	125 KB
5	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	google.de adservice.google.de www.google.de	488 B
4	postrelease.com jadserve.postrelease.com	3 KB
4	googletagservices.com www.googletagservices.com	100 KB
4	fontawesome.com use.fontawesome.com	151 KB
3	adnxs.com ib.adnxs.com	2 KB
3	casalemedia.com as-sec.casalemedia.com	3 KB
3	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com	1 KB
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	32 KB
3	facebook.net connect.facebook.net	117 KB
3	gstatic.com fonts.gstatic.com	33 KB
3	cmg.com membercenter-sdk.cmg.com member-center-api.cmg.com	487 KB
2	2o7.net 1 redirects twcimaxweb.112.2o7.net	558 B
2	includemodal.com includemodal.com	264 B
2	perfectmarket.com widget.perfectmarket.com	32 KB
2	fastly.net includemodal.global.ssl.fastly.net	57 KB
2	facebook.com www.facebook.com	259 B
2	chartbeat.net ping.chartbeat.net	336 B
2	googleadservices.com www.googleadservices.com	13 KB
2	google-analytics.com 1 redirects www.google-analytics.com	18 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	51 KB
2	weather.com widgets.media.weather.com widgets-green.media.weather.com	116 KB
2	outbrain.com widgets.outbrain.com	47 KB
1	akstat.io 684dd308.akstat.io	354 B
1	indexww.com js-sec.indexww.com
1	pubmatic.com hbopenbid.pubmatic.com Failed ads.pubmatic.com
1	servenobid.com ads.servenobid.com Failed public.servenobid.com
1	cloudfront.net d2s8wlbatk24s7.cloudfront.net	14 KB
1	azurewebsites.net lightboxapi.azurewebsites.net	782 B
1	googletagmanager.com www.googletagmanager.com	49 KB
1	ntv.io s.ntv.io	96 KB
1	googleapis.com fonts.googleapis.com	1 KB
0	smartadserver.com Failed prg.smartadserver.com Failed
0	rubiconproject.com Failed fastlane.rubiconproject.com Failed
181	43

	Domain	Requested by
25	www.kiro7.com	1 redirects www.kiro7.com
14	images.taboola.com	www.kiro7.com
11	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.kiro7.com
9	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
6	sb.scorecardresearch.com	2 redirects www.kiro7.com cdn.taboola.com www.googletagmanager.com
6	cdn.taboola.com	www.kiro7.com cdn.taboola.com securepubads.g.doubleclick.net
5	pr.realvu.net	www.googletagmanager.com pr.realvu.net
5	www.lightboxcdn.com	www.kiro7.com www.lightboxcdn.com
5	c.amazon-adsystem.com	www.kiro7.com c.amazon-adsystem.com
4	pagead2.googlesyndication.com	www.kiro7.com securepubads.g.doubleclick.net
4	www.google.com	2 redirects www.kiro7.com securepubads.g.doubleclick.net
4	jadserve.postrelease.com	s.ntv.io www.kiro7.com
4	www.googletagservices.com	www.kiro7.com securepubads.g.doubleclick.net
4	use.fontawesome.com	www.kiro7.com
3	eu-u.openx.net	www.kiro7.com
3	trc.taboola.com	cdn.taboola.com www.kiro7.com
3	ib.adnxs.com	www.kiro7.com
3	coxmediagroup-d.openx.net	www.kiro7.com
3	as-sec.casalemedia.com	www.kiro7.com pr.realvu.net
3	www.google.de	www.kiro7.com
3	connect.facebook.net	www.googletagmanager.com connect.facebook.net
3	fonts.gstatic.com	www.kiro7.com
2	twcimaxweb.112.2o7.net	1 redirects
2	am-match.taboola.com	vidstat.taboola.com
2	includemodal.com	www.kiro7.com
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	includemodal.global.ssl.fastly.net	securepubads.g.doubleclick.net
2	www.facebook.com	www.kiro7.com connect.facebook.net
2	aax-eu.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	ping.chartbeat.net	www.kiro7.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	log.outbrainimg.com	widgets.outbrain.com
2	static.chartbeat.com	www.kiro7.com www.googletagmanager.com
2	www.googleadservices.com	www.googletagmanager.com www.googleadservices.com
2	www.google-analytics.com	1 redirects www.googletagmanager.com
2	widgets.outbrain.com	www.kiro7.com widgets.outbrain.com
2	membercenter-sdk.cmg.com	www.kiro7.com membercenter-sdk.cmg.com
1	684dd308.akstat.io	s.go-mpulse.net
1	widgets-green.media.weather.com	widgets.media.weather.com
1	public.servenobid.com	pr.realvu.net
1	js-sec.indexww.com	pr.realvu.net
1	ads.pubmatic.com	pr.realvu.net
1	imprammp.taboola.com	www.kiro7.com
1	am-vid-events.taboola.com	www.kiro7.com
1	d2s8wlbatk24s7.cloudfront.net	includemodal.global.ssl.fastly.net
1	vidstat.taboola.com	cdn.taboola.com
1	15.taboola.com	cdn.taboola.com
1	lightboxapi.azurewebsites.net	www.lightboxcdn.com
1	c.go-mpulse.net	s.go-mpulse.net
1	mab.chartbeat.com	static.chartbeat.com
1	3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	stats.g.doubleclick.net	1 redirects
1	member-center-api.cmg.com	membercenter-sdk.cmg.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	adservice.google.com	www.googletagservices.com
1	adservice.google.de	www.googletagservices.com
1	s.go-mpulse.net	www.kiro7.com
1	widgets.media.weather.com	www.kiro7.com
1	www.googletagmanager.com	www.kiro7.com
1	s.ntv.io	www.kiro7.com
1	fonts.googleapis.com	www.kiro7.com
0	prg.smartadserver.com Failed	pr.realvu.net
0	hbopenbid.pubmatic.com Failed	pr.realvu.net
0	ads.servenobid.com Failed	pr.realvu.net
0	fastlane.rubiconproject.com Failed	www.kiro7.com
181	65

This site contains links to these domains. Also see Links.

Domain
jessejones.com
kiro7apps.com
storm.wnba.com
www.reignfc.com
jobs.coxenterprises.com
publicfiles.fcc.gov
membercenter.kiro7.com
www.agari.com
ejnql.com
popup.taboola.com
fribbla.de
mexective-emplease.com
www.appurse.com
financialadvisorheroes.com
wlvvo.com
financeblvd.com
www.saverdaily.com
misspennystocks.com
rfvtgb.restwow.com
healthygeorge.com
plarium.com
www.coxmediagroup.com
cmg.jobs.net

Subject Issuer	Validity	Valid
cmg.cdn.arcpublishing.com Let's Encrypt Authority X3	`2020-05-27` - `2020-08-25`	3 months	crt.sh
*.fontawesome.com DigiCert SHA2 Secure Server CA	`2019-10-28` - `2020-12-23`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
cmg.com Amazon	`2020-06-04` - `2021-07-04`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2019-10-07` - `2020-09-29`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2019-11-18` - `2021-02-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
www.weather.com DigiCert Secure Site ECC CA-1	`2020-03-12` - `2021-03-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.postrelease.com Amazon	`2020-02-28` - `2021-03-28`	a year	crt.sh
*.taboola.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2020-09-10`	3 months	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-07-21` - `2020-10-12`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
ssl516460.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-05-19` - `2020-11-25`	6 months	crt.sh
ac.realvu.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2019-12-16` - `2020-12-30`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-06-13` - `2021-04-24`	10 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2020-06-15` - `2021-06-15`	a year	crt.sh
www.google.com GTS CA 1O1	`2020-07-07` - `2020-09-29`	3 months	crt.sh
*.azurewebsites.net Microsoft IT TLS CA 5	`2019-09-24` - `2021-09-24`	2 years	crt.sh
*.freetls.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-04-21` - `2021-04-22`	a year	crt.sh
p.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-09-03` - `2021-02-22`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	a year	crt.sh
includemodal.com Amazon	`2019-12-13` - `2021-01-13`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	a year	crt.sh
*.servenobid.com Amazon	`2020-04-06` - `2021-05-06`	a year	crt.sh
*.112.2o7.net DigiCert SHA2 High Assurance Server CA	`2019-04-23` - `2021-04-27`	2 years	crt.sh

This page contains 17 frames:

Primary Page: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Frame ID: 6BECF11223059A332B543DAFAD472527
Requests: 146 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Frame ID: 4D473634643CCDAF58C14C3F4A61445E
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Frame ID: 7E5991C9FF29A89406C7C634DC04D80E
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Frame ID: 3F31A433A6753499471FA59F70038AE1
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 6BB8D1265A8B453C569584A869762A2C
Requests: 12 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 006F510AB6C9E8E705501260AEA40E68
Requests: 1 HTTP requests in this frame

Frame: https://membercenter-sdk.cmg.com/sdk/hub.html
Frame ID: F716A9EB9DD9D839042F6DC196AAF074
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 727C77A5F8C2C032CBAA30A2463E6414
Requests: 1 HTTP requests in this frame

Frame: https://includemodal.global.ssl.fastly.net/pw.js
Frame ID: 6973A7DF0166FBAF4BD89A845513274B
Requests: 10 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: 7B5E266BC661791A9E1465330978FC63
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: 9D15849A0FEC1CBC5D434CB69C85018C
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Frame ID: 5D8F46586E4DE4DBB58300A2EAB9BB31
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: CB6595D41F3A31931F21551D31E7556B
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: A55913704E25BF28B1A96500C77313FD
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1E8CE1D0741A26AF62435AFC8483962B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: E141EE2B831F7D7814035F3BE6E7C940
Requests: 1 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
Frame ID: 53ED62AE951E91DFAD7C7F5FB7E3DD4B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-wa... Page URL

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Lightbox (JavaScript Libraries) Expand

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

181
Requests

96 %
HTTPS

49 %
IPv6

43
Domains

65
Subdomains

51
IPs

7
Countries

3205 kB
Transfer

10064 kB
Size

0
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://jessejones.com/
Title: Jesse Jones

Search URL Search Domain Scan URL

URL: https://kiro7apps.com/
Title: KIRO 7 Apps

Search URL Search Domain Scan URL

URL: https://storm.wnba.com/news/
Title: Seattle Storm

Search URL Search Domain Scan URL

URL: https://www.reignfc.com/#news
Title: Seattle Reign FC

Search URL Search Domain Scan URL

URL: https://jobs.coxenterprises.com/Businesses/Cox-Media-Group?prefilters=none&CloudSearchLocation=none
Title: Jobs with KIRO 7

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv
Title: KIRO 7 Public File

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kiro-tv/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/13c34945-0d96-22eb-dfe4-c48013168eea/
Title: KIRO 7 FCC EEO Report

Search URL Search Domain Scan URL

URL: https://membercenter.kiro7.com/newsletters
Title: Newsletter Sign-up

Search URL Search Domain Scan URL

URL: https://jessejones.com/scammers-swoop-in-swipe-washington-unemployment-benefits/
Title: impostor fraud

Search URL Search Domain Scan URL

URL: https://www.agari.com/email-security-blog/covid-19-unemployment-fraud-cares-act/
Title: Scattered Canary

Search URL Search Domain Scan URL

URL: https://jessejones.com/victims-of-unemployment-fraud-have-assets-frozen-by-bank/
Title: Victims of unemployment fraud have assets frozen by bank

Search URL Search Domain Scan URL

URL: https://jessejones.com/impostor-fraud-continues-seattle-mans-information-used-to-apply-for-unemployment-benefits-in-three-states/
Title: Impostor fraud continues: Seattle man's information used to apply for unemployment benefits in three states

Search URL Search Domain Scan URL

URL: https://jessejones.com/at-least-55000-people-in-washington-wait-for-unemployment-decisions/
Title: At least 55,000 people in Washington wait for unemployment decisions

Search URL Search Domain Scan URL

URL: https://jessejones.com/delays-denials-as-coronavirus-fuels-demand-for-unemployment-benefits/
Title: Delays, denials as Coronavirus fuels demand for unemployment benefits

Search URL Search Domain Scan URL

URL: http://ejnql.com/cid/2a27dd44-099d-4e01-a9be-b3a186cd96be?campaignid=5231024&site=cox-kiro-tv&thumbnail=http%3A%2F%2Fejnql.com%2Fcontent%2F40c8ef90-07c7-487a-84df-63d93500c1a4.jpg&title=So+wenig+kosten+Zahnimplantat+in+Zollikofen+wirklich&timestamp=2020-08-03+14%3A37%3A37&platform=Desktop&campaignitemid=2910375104#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCDlok0
Title: Implantat Zahn Kosten | Gesponserte Links

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-b:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://fribbla.de/insiders/15-historische-fotos-die-sie-gesehen-haben-sollten/2/?utm_source=t&utm_medium=cox-kiro-tv&utm_campaign=4998657&utm_content=2906508176#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCCG8kU
Title: Fribbla.de

Search URL Search Domain Scan URL

URL: https://mexective-emplease.com/75d23950-e75c-4d08-9f28-c791321d5ac0?widget_id=cox-kiro-tv&teaser_id=2908660937&title=Zehennagelpilz-Entdeckung+macht+%C3%84rzte+sprachlos+%28dies+testen%29&click_id=GiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCCMlkE&tblci=GiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCCMlkE#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCCMlkE
Title: Onycosolve

Search URL Search Domain Scan URL

URL: https://www.appurse.com/articles/see-what-tiger-woods-ex-looks-like-now.html?utm_source=cox-kiro-tv&utm_medium=taboola&utm_campaign=4044834&utm_content=2887100520#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCDe0T8
Title: Appurse

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=cox-kiro-tv&utm_medium=referral&utm_content=thumbs-feed-01-a-2x1:Below%20Article%20Thumbnails%20-March%202017%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://financialadvisorheroes.com/celebs/nomakeup-helene-fischer?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=5079952&utm_term=Helene+Fischer%2C+35%2C+l%C3%A4sst+ihr+Make-up+weg+und+wir+sind+sprachlos&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F633033fa63bc3002d8182fe221ed9a0c.jpg
Title: FinancialAdvisorHeroes

Search URL Search Domain Scan URL

URL: http://wlvvo.com/cid/d088f1c6-2645-45fd-8052-1cf69268c48b?campaignid=5341809&site=cox-kiro-tv&thumbnail=http%3A%2F%2Fwlvvo.com%2Fcontent%2Fab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg&title=So+viel+sollten+Zahnimplantate+in+Zollikofen+kosten&timestamp=2020-08-03+14%3A37%3A37&platform=Desktop&campaignitemid=2912463674#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCDlok0
Title: Implantat Zahn Schmerzen | Sponsored Listings

Search URL Search Domain Scan URL

URL: https://financeblvd.com/life-style/diese-42-makellos-gealterten-stars-sind-immer-noch-guter-form-und-sehen-fantastisch-aus?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=4354792&utm_term=Erinnerst+du+dich+an+Pauley%3F+Atme+tief+ein%2C+bevor+du+siehst%2C+wie+sie+jetzt+aussieht%21&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6d8c3761710bfeeee163b165eaf0338c.jpg
Title: Finance BLVD

Search URL Search Domain Scan URL

URL: https://www.saverdaily.com/ubriggebliebene-autos-aus-den-jahren-2018-und-2019-konnten-uberraschend-erschwinglich-sein?cpid=b7241d2e-96b1-4908-bf41-ac95d9619541&click_id=GiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCD6_Eg&network={network}&campaign=3404410&site=cox-kiro-tv&thumbnail=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F0dd2c95272b917cee80d1cd8f9b820e6.jpg&title=Zollikofen%3A+Unverkaufte+Autos+von+2019+gehen+konnte+f%C3%BCr+einen+Bruchteil+ihres+Werts+weg&adid=2904604980#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCD6_Eg
Title: Autos | Gesponserte Links

Search URL Search Domain Scan URL

URL: http://misspennystocks.com/trending/heartwarming-last-photos-celebrities-passed-away-partners/?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=4741203&utm_term=Patrick+Swayze%27s+Last+Photo+Is+Heartbreaking&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2Fa168495099cd142f76722a8b37160660.jpg
Title: Miss Penny Stocks

Search URL Search Domain Scan URL

URL: https://rfvtgb.restwow.com/worldwide/slim-ta-ge?utm_medium=taboola&utm_source=taboola&utm_campaign=ta-rw-slim-s-des-3s-26070&utm_term=cox-kiro-tv
Title: Rest Wow

Search URL Search Domain Scan URL

URL: https://financialadvisorheroes.com/entertainment/german-nmu-hagen?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=4701044&utm_term=Nina+Hagen%2C+65%2C+l%C3%A4sst+ihr+Make-up+weg+und+wir+sind+sprachlos&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F231241e2d20acf922b953be4a01e7f1a.jpg
Title: FinancialAdvisorHeroes

Search URL Search Domain Scan URL

URL: https://healthygeorge.com/anti-aging/stars-without-makeup-amal?utm_source=taboola&utm_medium=cox-kiro-tv&utm_campaign=4618413&utm_term=Amal+Clooney+No+Makeup+Photo+Confirms+The+Rumors&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F8b50c3c0152c4b476d103af9e71474aa.jpg
Title: Healthy George

Search URL Search Domain Scan URL

URL: https://plarium.com/landings/de/vikings/encyclopedia_f001_a?publisherID=2861321133&placement=cox-kiro-tv&click_Id=GiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCD4rkE&adpartnerset=452213&plid=128923&pxl=taboola_fr#tblciGiBIuH2XoDAY7ttD2ZR0Fr1AVWNIvQ387J-8-LQGIlMMOCD4rkE
Title: Vikings: Gratis Online Spiel

Search URL Search Domain Scan URL

URL: https://www.coxmediagroup.com/
Title: Cox Media Group

Search URL Search Domain Scan URL

URL: https://cmg.jobs.net/
Title: Cox Media Group

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ HTTP 301
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 56

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=810983457&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ul=en-us&de=UTF-8&dt=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEAB~&jid=1285928932&gjid=224369891&cid=610470161.1596465456&tid=UA-69447481-1&_gid=80899536.1596465456&_r=1&gtm=2wg7m1WJW4B46&cd1=tv&cd2=kiro-tv&cd3=wa%3A%20seattle&cd4=core&cd5=news&cd6=responsive%20site&cd7=kiro7.com&cd8=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd9=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&cd10=news&cd11=jesse%20jones&cd12=&cd14=article&cd15=WXYQ2IBHV45AXZSL3LOLK4ZUQM&cd17=202005211745&cd18=20200730918&cd19=&cd20=&cd22=standalone%20page&cd26=arc&cd27=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&cd29=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&cd48=www.kiro7.com&cd149=coronavirus%2Ccybercrime%2Cfraud%2Cgovernment-waste%2Cjesses-story-of-the-day%2CJesseJones&z=1483855367 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_gid=80899536.1596465456&gjid=224369891&_v=j83&z=1483855367 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367&slf_rd=1&random=2255951226

Request Chain 86

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5 HTTP 302
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t

Request Chain 89

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=MCEoX4LtJdGalQfWlqugBA&sscte=1&crd=&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zleu-w-zVzbJYJ8gAodF1qw6ZK3LpHO9bQ HTTP 302
https://www.google.com/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MCEoX4LtJdGalQfWlqugBA&cid=CAQSKQCNIrLMkaRvaswe6KARpRNLdmsxTbFsC6Ajuke-8oWSQlSCJBUx-swr&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zsI-Rn88TNninvvptl2My5IaxayFJf5lIQ&random=3666479488&resp=GooglemKTybQhCsO HTTP 302
https://www.google.de/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MCEoX4LtJdGalQfWlqugBA&cid=CAQSKQCNIrLMkaRvaswe6KARpRNLdmsxTbFsC6Ajuke-8oWSQlSCJBUx-swr&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zsI-Rn88TNninvvptl2My5IaxayFJf5lIQ&random=3666479488&resp=GooglemKTybQhCsO&ipr=y

Request Chain 167

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1

Request Chain 177

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1 HTTP 302
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

181 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Redirect Chain

http://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

106 KB
21 KB

1086ms
768ms

Document
text/html

2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

66832b39317001dc90abc0da65a9950475b0d3f2d31a2597c1482fae609c08ef

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.kiro7.com
:scheme: https
:path: /jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
content-type: text/html;charset=UTF-8
server: openresty
pb-rid: rF4EmW1Kh2SsUr
pb-pid: kiro-article
arc-version: __default__
x-akamai-transformed: 9 - 0 pmb=mRUM,2
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60
expires: Mon, 03 Aug 2020 14:38:35 GMT
date: Mon, 03 Aug 2020 14:37:35 GMT
content-length: 20449
set-cookie: AKA_A2=A; expires=Mon, 03-Aug-2020 15:37:35 GMT; path=/; domain=kiro7.com; secure; HttpOnly
server-timing: cdn-cache; desc=REVALIDATE edge; dur=36 origin; dur=611
link: <https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2>;rel="preload";as="font";type="font/woff2";crossorigin,<https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2>;rel="preload";as="font";type="font/woff2";crossorigin <https://www.googletagmanager.com>;rel="preconnect",<https://c.amazon-adsystem.com>;rel="preconnect",<https://widgets.media.weather.com>;rel="preconnect",<https://membercenter-sdk.cmg.com>;rel="preconnect",<https://static.chartbeat.com>;rel="preconnect",<https://www.lightboxcdn.com>;rel="preconnect",<https://cdn.taboola.com>;rel="preconnect",<https://s.ntv.io>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Cache-Control: max-age=0
Expires: Mon, 03 Aug 2020 14:37:34 GMT
Date: Mon, 03 Aug 2020 14:37:34 GMT
Connection: keep-alive
Server-Timing: cdn-cache; desc=HIT edge; dur=1
Content-Security-Policy: upgrade-insecure-requests

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 63 KB
63 KB 104ms
47ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-brands-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
last-modified: Mon, 23 Jul 2018 17:07:09 GMT
server: NetDNA-cache/2.2
status: 200
etag: "6814d0e8136d34e313623eb7129d538e"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 64144

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 61 KB
61 KB 131ms
73ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-solid-900.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
last-modified: Mon, 23 Jul 2018 17:07:14 GMT
server: NetDNA-cache/2.2
status: 200
etag: "b75b4bfe0d58faeced5006c785eaae23"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 62472

GET
H2 200 fa-regular-400.woff2
use.fontawesome.com/releases/v5.2.0/webfonts/ 15 KB
15 KB 127ms
70ms Font
font/woff2 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/webfonts/fa-regular-400.woff2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
last-modified: Mon, 23 Jul 2018 17:07:12 GMT
server: NetDNA-cache/2.2
status: 200
etag: "8d9ab84bfe87a3f77112a6698cf639fb"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT
accept-ranges: bytes
content-length: 14888

GET
H2 200 all.css
use.fontawesome.com/releases/v5.2.0/css/ 46 KB
12 KB 75ms
26ms Stylesheet
text/css 23.111.9.35
HIGHWINDS2

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software: NetDNA-cache/2.2 /
Resource Hash: 8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Origin: https://www.kiro7.com

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
content-encoding: gzip
last-modified: Mon, 23 Jul 2018 17:06:58 GMT
server: NetDNA-cache/2.2
status: 200
etag: W/"20a9ce516eaea76da29a23adc43e8998"
vary: Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=31556926
x-cache: HIT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 17ms
12ms Stylesheet
text/css 2a00:1450:4001:81e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 14:34:46 GMT
server: ESF
date: Mon, 03 Aug 2020 14:37:35 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 03 Aug 2020 14:37:35 GMT

GET
H2 200 cmg-framework0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 32 KB
7 KB 3ms
0ms Stylesheet
text/css 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-framework0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ba32167271cdd7a75ece23cd323645dd"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
x-amz-request-id: 9E329CE787D57ED5
x-amz-id-2: sqo9XJab+9SPHfct1cyEa64Fii81EfkV2oPzICarC9aL/BcmPKDrMfobI66X0/N/pPbI/HwT8yM=
accept-ranges: bytes
x-akamai-http2-push: 1
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:49:13 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:34 GMT
vary: Accept-Encoding
x-amz-version-id: yzHmsAdpfv1z1xUKz7cgSpcHGs12qbfs
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 6086
content-type: text/css; charset=utf-8
expires: Tue, 03 Aug 2021 14:37:34 GMT

GET
H2 200 cmg-features0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 35 KB
5 KB 3ms
0ms Stylesheet
text/css 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-features0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "5503d7fbb19c29fb8994d8644b693d60"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=9
x-amz-request-id: 38032BC44E9B7E92
x-amz-id-2: C8Rw7HAymAI5AmbfE6ScgTfxZTE/uZeobJW3BOYDW0Zbn/k6rQ+ZK2QKvQVJpL6GYIIR5hPc/GY=
accept-ranges: bytes
x-akamai-http2-push: 1
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:18:51 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:34 GMT
vary: Accept-Encoding
x-amz-version-id: msjWCi19VtaJKIQbimxUXkEWXHx5XOOX
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4698
content-type: text/css; charset=utf-8
expires: Tue, 03 Aug 2021 14:37:34 GMT

GET
H2 200 cmg-services0b08a005255398cce0d2.css
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 0
500 B 4ms
0ms Stylesheet
text/css 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-services0b08a005255398cce0d2.css?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: iCE1gr9HaYWV49S6h2B.YhExj.D1.Wc1
etag: "d41d8cd98f00b204e9800998ecf8427e"
x-amz-request-id: 6CC6F4E5A39735A2
status: 200
date: Mon, 03 Aug 2020 14:37:34 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=13
content-length: 0
x-amz-id-2: u6GLHQbIYhz0pVGwr7FyrM8LHwHXsqeED7hwhp5/tiWqksw4qmo12Nl38e1cU//4tuWuckMSSUA=
x-akamai-http2-push: 1
arc-version: 95
last-modified: Fri, 17 Jul 2020 21:11:52 GMT
server: openresty
x-edgeconnect-cache-status: 0
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
accept-ranges: bytes
expires: Tue, 03 Aug 2021 14:37:34 GMT

GET
H2 200 main.min.js Show response
membercenter-sdk.cmg.com/sdk/ 3 MB
476 KB 82ms
12ms Script
application/javascript 2600:9000:214f:1000:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1000:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cbdd20706135f61957fc52135a64586fa2a836d06f9fbba78f973c7ba96b5fba

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:33 GMT
content-encoding: gzip
last-modified: Thu, 23 Jul 2020 18:50:46 GMT
server: AmazonS3
age: 3
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: louz_1DUpYRH3cvd27Bwh17yjcGkZItQcfl0jx4cJ0dQuQ3YjM9Ydw==
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)

GET
H2 200 js-cookie-2.2.1.min.js Show response
www.kiro7.com/pb/resources/scripts/ 2 KB
1 KB 4ms
0ms Script
application/javascript 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/js-cookie-2.2.1.min.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "bdb32"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 965
x-akamai-http2-push: 1
arc-version: __default__
last-modified: Thu, 09 Jul 2020 17:25:11 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:34 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 14:37:34 GMT

GET
H2 200 prebid2.41.0.js Show response
www.kiro7.com/pb/resources/scripts/ 170 KB
47 KB 43ms
42ms Script
application/javascript 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "ea0ae"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 47271
arc-version: __default__
last-modified: Wed, 08 Jul 2020 22:39:49 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:35 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 14:37:35 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 102 KB
26 KB 46ms
41ms Script
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:31:09 GMT
content-encoding: gzip
server: Server
age: 386
etag: b586b236f6b3db3c4ca9410451195336
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
cache-control: public, max-age=900
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: ilp1ABsVUX9WSa7Pc-klqia2c8wUZzCTNmq8mDMs7_LLrrQsE3BHnA==
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)

GET
H2 200 84612eb819.js Show response
www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/ 13 KB
4 KB 4ms
0ms Script
application/javascript 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "d8dc7"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=21
content-length: 3907
x-akamai-http2-push: 1
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:36:56 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:34 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 14:37:34 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 327 KB
96 KB 132ms
56ms Script
application/x-javascript 23.210.250.13
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.13 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-13.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 64174c77b5a80870cf978e69f024e86c45f235a3f59c7041010074031b9fe2fb

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:35 GMT
Content-Encoding: gzip
x-amz-request-id: B63996ABC76C38B7
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: D2IDsa9Cf//vX76/gCPoLxMoj4dJ1NmIf+3PWeHf9g+le2Z0kukBig5TvWOooqBJEbfCWBazI4E=
Last-Modified: Thu, 30 Jul 2020 00:22:46 GMT
Server: AmazonS3
ETag: "089c54e1b3f2bf79c74b9194c7697ea2"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 DF7LUBGFVANPTYKOOV6SRGBSCM.jpg
www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/ 44 KB
44 KB 41ms
41ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/NylGT7CnIOla-jl-r_LpdKgx2OI=/1200x675/cloudfront-us-east-1.images.arcpublishing.com/cmg/DF7LUBGFVANPTYKOOV6SRGBSCM.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
last-modified: Thu, 30 Jul 2020 13:17:00 GMT
server: Akamai Image Manager
etag: "c13db246989ffae6ef261bf8f6001a7bcb14283f"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31185688
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 45156
expires: Fri, 30 Jul 2021 13:19:03 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 172 KB
49 KB 32ms
25ms Script
application/javascript 2a00:1450:4001:816::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

921dc7697fdde21fbeb8b1d305a491f670af0883df8d8fb10f76dd151f1e195a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:35 GMT
content-encoding: br
vary: Accept-Encoding
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50222
x-xss-protection: 0
last-modified: Mon, 03 Aug 2020 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 03 Aug 2020 14:37:35 GMT

GET
H2 200 t_30717ad00af8486ab9eced543edbc59e_name_89277ADC947446488B8785EECC703855.jpg
www.kiro7.com/resizer/QjLmAbzymJxbntrtgzvHqMPeZP0=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 226 B
548 B 51ms
45ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/QjLmAbzymJxbntrtgzvHqMPeZP0=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_30717ad00af8486ab9eced543edbc59e_name_89277ADC947446488B8785EECC703855.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

2cdc0eccfb048983df117662b71b766038f80c63d48594277595cbc3052e0872

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "d7c256ffbf4c3b230eadbba6ec1b41b298e28779"
x-serial: 339
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31535950
last-modified: Mon, 03 Aug 2020 14:36:17 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 226
expires: Tue, 03 Aug 2021 14:36:46 GMT

GET
H2 200 t_33e405222b9c431fbc416a6496c9da6e_name_FA75DADE2CE840989C9ED51EBB7F7793.jpg
www.kiro7.com/resizer/sx647ocqlBQjJLmiYHLyc0KGX-Y=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 262 B
554 B 63ms
57ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/sx647ocqlBQjJLmiYHLyc0KGX-Y=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_33e405222b9c431fbc416a6496c9da6e_name_FA75DADE2CE840989C9ED51EBB7F7793.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c8f3edd64e567835915eadd8fd2dc788e95ca891f64bb424b7a3083801da3581

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Mon, 03 Aug 2020 13:54:53 GMT
server: Akamai Image Manager
etag: "ff669bee25e0987c1254604aac03f4cc69e0431c"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31533528
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 262
expires: Tue, 03 Aug 2021 13:56:24 GMT

GET
H2 200 t_1eb2b99fad9645d0aca70e20b2263410_name_A1424FDC1D2F4499BD8D03B11FFE2667.jpg
www.kiro7.com/resizer/MBJou1CZ5ucqQe7xxEeH6sv4tFE=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 304 B
627 B 72ms
66ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/MBJou1CZ5ucqQe7xxEeH6sv4tFE=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_1eb2b99fad9645d0aca70e20b2263410_name_A1424FDC1D2F4499BD8D03B11FFE2667.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

9f0f1d8b888e34f5853026208521d033a64867c561c837c113e6289a2bb0b5ad

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "99288903a135d95d2b88e2493147216eb67300c1"
x-serial: 988
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31534349
last-modified: Mon, 03 Aug 2020 14:08:31 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 304
expires: Tue, 03 Aug 2021 14:10:05 GMT

GET
H2 200 t_a8919f939c8945ec9f920f7222e3cfe8_name_2B76FEE19684404E8EE15AC1A5165C05.jpg
www.kiro7.com/resizer/HE6nNxgPTcoM4Tu6dN_8-nMewck=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 254 B
546 B 84ms
78ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/HE6nNxgPTcoM4Tu6dN_8-nMewck=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_a8919f939c8945ec9f920f7222e3cfe8_name_2B76FEE19684404E8EE15AC1A5165C05.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

a8e2048e0f1fc3b956d7685ba714e75cdbc52886dbd69d0e2d272668ffa918c8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Mon, 03 Aug 2020 12:01:31 GMT
server: Akamai Image Manager
etag: "6d5a048010d3d600be6a20dfa5dc96c85f661ba1"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31526610
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 254
expires: Tue, 03 Aug 2021 12:01:06 GMT

GET
H2 200 t_29e8288f50ca4bd98c373aac1baf54cd_name_D021CBBC8954484186A7C9FFD15C0CB7.jpg
www.kiro7.com/resizer/jmX1JmsGCmk_bS5Zg5xaZ2zoW88=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 142 B
434 B 94ms
89ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/jmX1JmsGCmk_bS5Zg5xaZ2zoW88=/0x10/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_29e8288f50ca4bd98c373aac1baf54cd_name_D021CBBC8954484186A7C9FFD15C0CB7.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

d0aec1b0c7e65096d212a9054ed81197dfb701f3ffb429e0a2dd0e8cca109476

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Mon, 03 Aug 2020 12:11:31 GMT
server: Akamai Image Manager
etag: "d66bd53f7fb2acdcab2a314ca8b614fc0524cdfd"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31527154
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 142
expires: Tue, 03 Aug 2021 12:10:10 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 140 KB
47 KB 103ms
30ms Script
application/x-javascript 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b7c75ced414597a228d7dcb267cc769ce75fed381b3b6eda6b6397eec4052f13

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
last-modified: Thu, 30 Jul 2020 11:49:39 GMT
status: 200
etag: W/"231e2-929MIpk5DXzowNgBR+1d0WJIa4c"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
timing-allow-origin: *
content-length: 47978
expires: Mon, 03 Aug 2020 18:37:36 GMT

GET
H2 200 wxwidget.loader.js Show response
widgets.media.weather.com/ 480 KB
115 KB 38ms
6ms Script
text/javascript 2a02:26f0:6c00:185::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:185::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 / Express

Resource Hash

678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
etag: W/"781b9-UhHZMltauYQzxZEqvWoggWokm/c"
server: nginx/1.16.1
status: 200
x-powered-by: Express
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=54218
date: Mon, 03 Aug 2020 14:37:36 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 116774
expires: Tue, 04 Aug 2020 05:41:14 GMT

GET
H2 200 render.js Show response
www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/ 5 KB
1 KB 112ms
107ms Script
application/javascript 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/gr/p/default/rF4EmW1Kh2SsUr/render.js?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "3523a"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=10
content-length: 1048
arc-version: 95
last-modified: Tue, 21 Jul 2020 20:13:11 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:36 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 14:37:36 GMT

GET
H2 200 cmg-index0b08a005255398cce0d2.js Show response
www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/ 379 KB
77 KB 119ms
114ms Script
application/javascript 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Resource Optimizer /

Resource Hash

36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: br
etag: "26525"
x-akamai-ro-tunnel-origin-edge-control: max-age=365d, downstream-ttl=365d
status: 200
server-timing: cdn-cache; desc=HIT, edge; dur=10
content-length: 78502
arc-version: __default__
last-modified: Tue, 21 Jul 2020 20:23:44 GMT
server: Akamai Resource Optimizer
date: Mon, 03 Aug 2020 14:37:36 GMT
vary: Accept-Encoding
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Tue, 03 Aug 2021 14:37:36 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
26ms XHR
application/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 08:01:29 GMT
content-encoding: gzip
vary: Origin
age: 23767
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
last-modified: Tue, 23 Jun 2020 10:10:39 GMT
server: AmazonS3
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 6e432daa93321d42e8840614082fcdc3.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: iePF4BCV_kBtj5H5PFOhXGyVqsz6XYGxZ6csZ7tLVuaqnOk3DOHcrg==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 48 KB
17 KB 44ms
18ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cedb397b90b34513144fdc38df337ca77ed53c128544b4df435d455eb9c6d9d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "590 / 38 of 1000 / last-modified: 1596463657"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=43200
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 16633
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 1162ms
267ms Script
text/javascript 54.183.239.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.239.235 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-239-235.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: ec0bb06f6ba18c932ed710f0bcd823c25c101580538df3f5bc05a30c177fa8d9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:37 GMT
content-encoding: gzip
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 702
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/cox-network/ 500 KB
55 KB 1085ms
28ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f43bf3f9d15653a837639962962c05a36830d8bd86623815eac3da29c7bcc135

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: j7Rxc4o7gjgHoy6vw9GmLakYSUmT5fpj
content-encoding: gzip
etag: "af7446d3a6060eff4e48170bb2efd084"
age: 11318
x-cache: HIT
status: 200
content-length: 55883
x-amz-id-2: lU99E8sVVldNeZv5j+Fsq4BeoxTwAwsx6tL9NstLDhqs+OH5Lp1TrZQsdt8ttRjiUuGGHg6dens=
x-served-by: cache-fra19134-FRA
last-modified: Mon, 03 Aug 2020 11:27:58 GMT
server: AmazonS3
x-timer: S1596465457.047125,VS0,VE1
date: Mon, 03 Aug 2020 14:37:37 GMT
vary: Accept-Encoding
x-amz-request-id: BC2D3B474813E12E
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 84
x-cache-hits: 1

GET
H2 200 2ARQK-4FEY5-2C44D-9TAQS-ZHZL7 Show response
s.go-mpulse.net/boomerang/ Frame 4D47 202 KB
51 KB 36ms
7ms Script
application/javascript 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
last-modified: Mon, 15 Jun 2020 22:23:49 GMT
x-n: S
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
status: 200
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 kiro-logo.png
www.kiro7.com/pb/resources/images/cmg_icons/ 4 KB
4 KB 134ms
130ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?v=95

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Tue, 21 Jul 2020 20:12:30 GMT
server: Akamai Image Manager
etag: "6dffb9465cdfff128f115becd11a3113"
status: 200
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=30432902
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 4100
expires: Wed, 21 Jul 2021 20:12:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Wed, 29 Jul 2020 23:10:45 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:50 GMT
server: sffe
age: 401210
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11016
x-xss-protection: 0
expires: Thu, 29 Jul 2021 23:10:45 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Wed, 29 Jul 2020 22:18:12 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:58 GMT
server: sffe
age: 404363
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11020
x-xss-protection: 0
expires: Thu, 29 Jul 2021 22:18:12 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v20/ 11 KB
11 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,500i,700,700i
Origin: https://www.kiro7.com

Response headers

date: Thu, 09 Jul 2020 02:32:55 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:48 GMT
server: sffe
age: 2203480
status: 200
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11056
x-xss-protection: 0
expires: Fri, 09 Jul 2021 02:32:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
168 B 17ms
15ms Script
application/javascript 2a00:1450:4001:81b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
168 B 16ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kiro7.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 104
x-xss-protection: 0

GET
H2 200 pubads_impl_2020072701.js Show response
securepubads.g.doubleclick.net/gpt/ 254 KB
90 KB 35ms
33ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

sffe /

Resource Hash

edf6ab3553d76573e5d5939c0c4a3ada737c98ee962379b25cbf23c96f17d732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Jul 2020 13:08:11 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91625
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 45 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 04 Jun 2020 23:38:14 GMT
server: Golfe2
age: 235
date: Mon, 03 Aug 2020 14:33:41 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18469
expires: Mon, 03 Aug 2020 16:33:41 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
22 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 22450
x-xss-protection: 0
pragma: public
x-fb-debug: DOHoyYVixM6vd6C1g1afi6/pIWvDMXQiWhukEuJLOGmUobsVyaoo9pKlpIiNBAe2IYjcx8pd49OwGd61JwEOzw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 14:37:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 29 KB
11 KB 41ms
40ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 11328
x-xss-protection: 0
server: cafe
etag: 4229961699705442162
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 chartbeat_video.js Show response
static.chartbeat.com/js/ 69 KB
23 KB 35ms
17ms Script
application/x-javascript 2600:9000:2057:7000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_video.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 12:58:14 GMT
content-encoding: gzip
last-modified: Fri, 24 Apr 2020 00:58:19 GMT
server: nginx
age: 5962
etag: W/"5ea239ab-11347"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Xo-3bQUZbJdZPD3QN9feU8fCA9MzsNfw9NxMrjBsvkay2y8BJpYrqg==
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
expires: Mon, 03 Aug 2020 14:58:14 GMT

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 19 KB
8 KB 35ms
18ms Script
application/x-javascript 2600:9000:2057:7000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:7000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 13:01:56 GMT
content-encoding: gzip
last-modified: Wed, 14 Aug 2019 01:44:12 GMT
server: nginx
age: 5740
etag: W/"5d53676c-4a99"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=7200
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: Srca8S8ijLm-upaC_S82X8-K8i3-rskWrIZKWL2DQYd6_Ii7ma8aAQ==
via: 1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
expires: Mon, 03 Aug 2020 15:01:56 GMT

GET
H2 200 lightbox_cox.js Show response
www.lightboxcdn.com/static/ 1 KB
1 KB 68ms
19ms Script
text/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e56ce6a9217ef5d350cbff4f936b54330265c12481627a604b20567e5fc7ca2e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: Aps0dZUf+zH8VCPP3Ccpcg==
age: 232927
cf-polished: origSize=1761
status: 200
last-modified: Fri, 08 May 2020 21:48:15 GMT
cf-request-id: 04565abcef000032601ea74200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
x-ms-request-id: 3a96601f-c01e-0012-0482-2561dd000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd0c70e4edb3260-FRA
expires: Tue, 03 Aug 2021 14:37:36 GMT

GET
H/1.1 200
OK c=E5NS_f=site_si=1407 Show response
pr.realvu.net/flip/2/ 24 KB
10 KB 719ms
119ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=21600
Connection: keep-alive
Content-Length: 9960
X-Proxy-Cache: BYPASS

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unempl...
https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemp...

0
528 B

36ms
35ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=32816940&ns__t=1596465456314&ns_c=UTF-8&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 7E59 0
0 35ms
31ms Document
text/html 23.210.250.44
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.250.44 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-250-44.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1594808292.728446"
last-modified: Wed, 15 Jul 2020 08:19:29 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Mon, 03 Aug 2020 14:37:36 GMT
timing-allow-origin: *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1596465456~rv=89~id=ccc428ed0a2ab35fcae5dc7cda226a87; path=/; Expires=Mon, 03 Aug 2020 14:37:36 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3Lmtpcm83LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
418 B 3117ms
30ms XHR
application/json 23.210.248.65
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lmtpcm83LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.210.248.65 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-248-65.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:39 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=8307
Access-Control-Allow-Credentials: false
Connection: keep-alive
Content-Length: 16
Expires: Mon, 03 Aug 2020 16:56:06 GMT

GET
H2 200 / Show response
member-center-api.cmg.com/api/v1/configs/ 71 KB
11 KB 532ms
532ms Fetch
application/json 2600:9000:214f:c400:16:b34:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://member-center-api.cmg.com/api/v1/configs/?station=kiro-tv
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:c400:16:b34:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 558927ad5d1d06e0802f36ca4ab513a74d6cc3cf03187dc6ec163327f21c6919

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-api-key: Ac36ZEKNDB4pjb2SXGbsI8X2LuWyyJz347mAWfJk

Response headers

date: Mon, 03 Aug 2020 14:37:37 GMT
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront), 1.1 f2db75b601dc30df73b1beb29596a375.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2, FRA53-C1
status: 200
x-amzn-requestid: 42636c0a-b4f1-46e4-98d9-239cef7f50c8
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json
access-control-allow-origin: *
cache-control: no-store
x-amzn-trace-id: Root=1-5f282131-cbe779a228a77252816ccd9c;Sampled=0
x-cache: Miss from cloudfront
content-encoding: gzip
x-amz-apigw-id: QsofsEAQIAMF9Pw=
x-amz-cf-id: M2CRbo02BLbN0rqgcKpDEfT5W_u-9wPQBWm3efBA_t9tqiNp43wgFA==

GET
H2 200 / Show response
www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/ 411 B
568 B 623ms
618ms XHR
application/json 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/4WSAXOA2OFHE3LLQRTO3VKK7MQ/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

37c950ed2fef062f761b7b2e4c8d4f230718b3824fe8b2be6cc714b83b55b01b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:37 GMT
content-encoding: gzip
server: openresty
etag: W/"19b-cRxGH0MseZt+l9qDzyd7Ibz/X4c"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
status: 200
cache-control: max-age=60
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=REVALIDATE, edge; dur=136, origin; dur=446
content-length: 265
expires: Mon, 03 Aug 2020 14:38:37 GMT

GET
H2 404 / Show response
www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/ 9 B
254 B 96ms
93ms XHR
text/plain 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/api/classic-collection/5KTBI4FNIZAZNAIF3DGUFOPYUI/?outputType=json&query=9&filter=0&source=%257B%2522schema%2522%253A%2522ans%2522%257D

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
server: openresty
etag: W/"9-0gXL1ngzMqISxa6S1zx3F4wtLyg"
content-type: text/plain; charset=utf-8
status: 404
cache-control: max-age=52
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=49
content-length: 9
expires: Mon, 03 Aug 2020 14:38:28 GMT

GET
H2 404 feature Show response
www.kiro7.com/pb/api/v2/render/ 71 B
313 B 106ms
103ms XHR
application/json 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kiro7.com/pb/api/v2/render/feature?name=weather-alerts-bar&uri=%2Fkiro-weather-alerts%2F&_website=kiro&contentConfig=%7B%7D&customFields=%7B%7D&wrapper=true

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/dist/0b08a005255398cce0d2/cmg/cmg-index0b08a005255398cce0d2.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
arc-version: __default__
server: openresty
status: 404
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=82
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=48
content-length: 71
expires: Mon, 03 Aug 2020 14:38:58 GMT

GET
H2 200 t_30717ad00af8486ab9eced543edbc59e_name_89277ADC947446488B8785EECC703855.jpg
www.kiro7.com/resizer/5ZmCIDr50PmiULwGLpdLSmmumoM=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 56 KB
56 KB 552ms
550ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/5ZmCIDr50PmiULwGLpdLSmmumoM=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_30717ad00af8486ab9eced543edbc59e_name_89277ADC947446488B8785EECC703855.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

b354cb22c436ea8ed0637a35e9da56f06f7d84ae2912f87a54b680bc06388d3c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "6b8d1c13535137744a314d5ea90d6ba7b0fecb31"
x-serial: 402
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31535843
last-modified: Mon, 03 Aug 2020 14:36:14 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=307, origin; dur=189
content-length: 57250
expires: Tue, 03 Aug 2021 14:34:59 GMT

GET
H2 200 t_33e405222b9c431fbc416a6496c9da6e_name_FA75DADE2CE840989C9ED51EBB7F7793.jpg
www.kiro7.com/resizer/VeN6OCsvBZJTLCNOvq0gxNzpqmc=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 80 KB
81 KB 165ms
162ms Image
image/jpeg 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/VeN6OCsvBZJTLCNOvq0gxNzpqmc=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_33e405222b9c431fbc416a6496c9da6e_name_FA75DADE2CE840989C9ED51EBB7F7793.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

3d85f73737f002750bde0de3a6cab67046cf5dd45000e5cf451f63accfdf1e5a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "7a18256a43c038f760df5e2fde3d3fa34dda1b54"
x-serial: 1097
content-type: image/jpeg
status: 200
cache-control: private, no-transform, max-age=31533665
last-modified: Mon, 03 Aug 2020 13:58:56 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=-191, origin; dur=287
x-edgeconnect-cache-status: 1
content-length: 82181
expires: Tue, 03 Aug 2021 13:58:41 GMT

GET
H2 200 t_1eb2b99fad9645d0aca70e20b2263410_name_A1424FDC1D2F4499BD8D03B11FFE2667.jpg
www.kiro7.com/resizer/1VyJ9-2Ke9E4q3kd2wc39Ihtsao=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 76 KB
77 KB 616ms
614ms Image
image/jpeg 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/1VyJ9-2Ke9E4q3kd2wc39Ihtsao=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_1eb2b99fad9645d0aca70e20b2263410_name_A1424FDC1D2F4499BD8D03B11FFE2667.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

b6664030f7bc5deb4fcd12b1af12172912f0e437fd1f91179895aaeadaf529f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "b6cc47ac3a5596d3fc7d5f7d0043765cc68f57b3"
content-type: image/jpeg
status: 200
cache-control: private, max-age=900
date: Mon, 03 Aug 2020 14:37:37 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=5, origin; dur=539
x-akamai-note: original-image
content-length: 78035
expires: Mon, 03 Aug 2020 14:52:37 GMT

GET
H2 200 t_a8919f939c8945ec9f920f7222e3cfe8_name_2B76FEE19684404E8EE15AC1A5165C05.jpg
www.kiro7.com/resizer/U-C2kjbiF68vG3JzO9ZipoZWKvs=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 60 KB
61 KB 152ms
150ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/U-C2kjbiF68vG3JzO9ZipoZWKvs=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_a8919f939c8945ec9f920f7222e3cfe8_name_2B76FEE19684404E8EE15AC1A5165C05.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

c78b763ffb87074091fff5dbe0906f06afcf945430a438f364d89e344ca8d33e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: "8d84304e49048c25d8a995f391913591da65261f"
x-serial: 739
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31526597
last-modified: Mon, 03 Aug 2020 12:01:32 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=-242, origin; dur=312
content-length: 61776
expires: Tue, 03 Aug 2021 12:00:53 GMT

GET
H2 200 t_29e8288f50ca4bd98c373aac1baf54cd_name_D021CBBC8954484186A7C9FFD15C0CB7.jpg
www.kiro7.com/resizer/AYff2iQM2o_ZAO1fD1Y0Acw11RU=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/ 25 KB
25 KB 158ms
157ms Image
image/webp 2.16.187.65
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kiro7.com/resizer/AYff2iQM2o_ZAO1fD1Y0Acw11RU=/1200x675/d1hfln2sfez66z.cloudfront.net/08-03-2020/t_29e8288f50ca4bd98c373aac1baf54cd_name_D021CBBC8954484186A7C9FFD15C0CB7.jpg

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.187.65 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

a2-16-187-65.deploy.static.akamaitechnologies.com

Software

Akamai Image Manager /

Resource Hash

cd77ab73113b7c9e7b3ff1c037d14854bc45dcd5e5e22c84fc945827b11d4665

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Mon, 03 Aug 2020 12:11:32 GMT
server: Akamai Image Manager
etag: "3c0b680d6031bd149fd6b9e2f1468132c3454a37"
content-type: image/webp
status: 200
cache-control: private, no-transform, max-age=31527335
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=61
content-length: 25470
expires: Tue, 03 Aug 2021 12:13:11 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j83&a=810983457&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washin...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_gid=80899536.1596465456&gjid=224369891&_v=j83&z=1483855367
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367&slf_rd=1&random=2255951226

42 B
106 B

17ms
17ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367&slf_rd=1&random=2255951226

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-69447481-1&cid=610470161.1596465456&jid=1285928932&_v=j83&z=1483855367&slf_rd=1&random=2255951226
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 24 B
986 B 139ms
74ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220808&v=7.2&r=%7B%22id%22%3A%2214f2dcb5341172%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22217e9d317486f5%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220808%22%2C%22sid%22%3A%22728x90%22%7D%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e8ae3545f316d09f64ed38a4ed1bd24e50008a50920000e0d7506bc6c2bf1d5c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
379 B 120ms
71ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=ee38208f-af1b-453c-9704-29b91408aaa5&nocache=1596465456496&aus=970x90%2C728x90%2C728x90%2C320x50&divIds=ad329&auid=539739792&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: 2cd1e3308865283a667753286478b9f487d5d1734b34746e725e5f7140b7136e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
746 B 963ms
36ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:37 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.28:80
AN-X-Request-Uuid: 5dc25d82-3c14-4a5b-9f0c-725227e4ff31
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
503 B 159ms
158ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=EhCiNTqwtzhbI&cb=0&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 3cd39cb32bd2edb00a2f3b7d724fd4c7d7f09f4b2e5885bbc86b9b37fb1d96a7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-id: TZDDYYOhI1tOo4IWYlrTa187X_HI_6TM1iVvtExaxXnGpMEJvSqlaQ==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
747 B 1075ms
115ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:37 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.198:80
AN-X-Request-Uuid: 58e3efb4-89f8-4635-a016-292823ec6d50
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
358 B 121ms
87ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=f184384c-ffe5-40fb-9205-152e48a09391&nocache=1596465456511&aus=300x250%2C300x250%2C300x250&divIds=ad1584&auid=539872219&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: 0ea3f6d3b31e9c24d77d1466de04df3b9a3317171ea8d9514e2de1119abcf566

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 246ms
120ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=260241&v=7.2&r=%7B%22id%22%3A%2215697b195830ad6%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22164d435a04a7fef%22%2C%22ext%22%3A%7B%22siteID%22%3A%22260241%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bedea1f8cf80a5ec83f5129f2ebe6dbb3bd2abe6f63d996974abc30f5c08ea84

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
502 B 144ms
144ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=EhCiNTqwtzhbI&cb=1&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 6c8a38e7a5cf21c2e725e23283a36abf4de52b1e994d37d5a5fbace8d212364e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-id: rSABBzih4JPrH7ATtYQjABa2rQlb-O-SBX4WaZOgS_8H_OSAqZp0gA==

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 53 B
746 B 1098ms
29ms XHR
application/json 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 , Ascension Island, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:37 GMT
X-Proxy-Origin: 185.156.175.107; 185.156.175.107; 534.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.50:80
AN-X-Request-Uuid: ca3b5b15-c6e2-4c07-ba94-cb7c50b69df4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 53
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 arj Show response
coxmediagroup-d.openx.net/w/1.0/ 173 B
358 B 121ms
94ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://coxmediagroup-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=2d6fd47a-dbab-417d-b3bf-432d790ce804&nocache=1596465456518&aus=300x250%2C300x250%2C300x250&divIds=ad1092&auid=539739793&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash: 9f028d6dc716d2a125d7e1a97a01b06db849c673f68590f50520055276798788

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: OXGW/16.190.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.kiro7.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ 25 B
987 B 324ms
80ms XHR
application/json 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=220809&v=7.2&r=%7B%22id%22%3A%2221f735790aff2b4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2222f20f066e2f276%22%2C%22ext%22%3A%7B%22siteID%22%3A%22220809%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: eedb8ef546b6121564bff746c268a3dfe985fcd845c1b1d5a0112188ce2017dd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 45
Expires: Mon, 03 Aug 2020 14:37:36 GMT

GET fastlane.json
fastlane.rubiconproject.com/a/api/ 0
0

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 119 B
503 B 211ms
211ms XHR
text/javascript 99.86.0.120
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3185&u=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&pid=EhCiNTqwtzhbI&cb=2&ws=1600x1200&v=7.52.00&t=2000&slots=%5B%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F12523293%2FSeattle_TV%2Fkiro_web_default%2Fnews%2Fjesse_jones%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.86.0.120 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-0-120.fra6.r.cloudfront.net
Software: Server /
Resource Hash: 1ada6cba8fa53b338e731e5e8813a53ed00637c9b6a44ce728e34c46959120b1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
server: Server
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 127
via: 1.1 87b272b7d9b97f38da15c91c833c3292.cloudfront.net (CloudFront)
x-amz-cf-id: zBbKPvRzRLQjdRV6Pi58ImAWEgTBtywUE4nCMTgXG4Qy_A8Ol_Q0ww==

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
335 B 68ms
68ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DWP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596465456&dt=1596465456557&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=800&adys=147&adks=1508523578&ucis=1&ifi=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=51&icsg=16341696527&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x1&msz=1x1&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

0082f52bee45e11a98243053d63ec5d29b47f138254e0f87253da0d06ccd9d9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 40ms
13ms Other
text/html 2a00:1450:4001:81e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
6 KB 383ms
382ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP02%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596465456&dt=1596465456573&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=874&adks=4275136746&ucis=2&ifi=2&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=51&icsg=16341696527&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

eae9a47e21c5ee85ff399eaad4b19500b00f68338dcf8cdcb7be3c89e83f54e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5929
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316827124
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 432 B
309 B 61ms
61ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=1x1&prev_scp=ad_slot%3DPX01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie_enabled=1&bc=31&abxe=1&lmt=1596465456&dt=1596465456578&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=1235&adys=1164&adks=3216219378&ucis=3&ifi=3&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=51&icsg=16341696527&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x1&msz=1x1&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

6ed50daf4c2153bb4cf9525af6c183257c0529730b353892d98af55f653f0dcc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 234
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 438ms
109ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1596465456592&sessionId=1dec4027-41d7-25c8-b25f-487ffeceeb6c&url=www.kiro7.com&cheqSource=1&cheqEvent=0&exitReason=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:36 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 43c9cc1b30f2b598d2922a9301ff1a28
Content-Length: 4
Expires: 0

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/767680447/ 2 KB
1 KB 37ms
36ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/767680447/?random=1596465456596&cv=9&fst=1596465456596&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&bttype=purchase&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f53d6a0404e5b3dda3559494d9e21c682feee793a0e8a3e3f8fdf75c53974123

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1261
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/ 2 KB
1 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=1596465456601&cv=9&fst=1596465456601&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b77845c2050a7ffe65bfa833bca905b80608b1b9dd433090b391cdde8de4f2a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1107
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lightbox.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 326 B
322 B 19ms
18ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1596465456602
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/static/lightbox_cox.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
cf-cache-status: HIT
cf-bgj: minify
server: cloudflare
age: 255873
x-powered-by: ASP.NET
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cf-ray: 5bd0c70fca373260-FRA
cf-request-id: 04565abddb000032601ea81200000001

GET
H2 200 identity.js Show response
connect.facebook.net/signals/plugins/ 37 KB
9 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.5

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9d6775f96b398119dd2519629eaebad2ef2475d71375d7bca6f08a1bbfbf3826

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 9257
x-xss-protection: 0
pragma: public
x-fb-debug: StqNHvn9Aoloo7dt9EofJkIE2ybL7zE8dUpCkAd4SIBtMlEERj2h6EeXwixF3qvcn9KfRe3aVbk4XYo1XXlcVg==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 14:37:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 281660582191764 Show response
connect.facebook.net/signals/config/ 355 KB
86 KB 111ms
111ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/281660582191764?v=2.9.5&r=c2

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9c3304c0c82663f30f68b0eaa367a0e284fca6ed5ed9435c61a5112c83ba9bd2

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: I3qHG3JcBCDWAZVdiVZlFsvTFvT6LuZ/klJoy8RFEW+L2KX/vo7getHfS8l8Pr5zHS8vgKglcUYpH4VU/5MEqA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Mon, 03 Aug 2020 14:37:36 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 3406ms
139ms Image
image/gif 52.44.69.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=BfoPxGCrXbSADi3EZV&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=3843&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2440&t=CktepoDVpG5PF3LPNk-mzuEAgHm&V=120&i=how%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20washington%E2%80%99s%20unemployment%20system&tz=-120&sn=1&sv=C_50eAB93v2JC2NK9iCVO_TzCoK0KB&sd=1&im=067b2ffa&_
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.69.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-69-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 03 Aug 2020 14:37:39 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 256 B
513 B 180ms
105ms XHR
application/json 2a04:4e42:3::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=kiro7.com&domain=kiro7.com&path=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:3::714 , Ascension Island, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
age: 0
x-cache: MISS
status: 200
x-cache-hits: 0
content-length: 192
x-served-by: cache-fra19134-FRA
access-control-allow-origin: *
x-timer: S1596465457.778852,VS0,VE99
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sat, 01 Aug 2020 14:37:36 GMT

GET
H2 200 user.js Show response
www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/ 616 KB
122 KB 118ms
78ms Script
application/javascript 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/lightbox.js?cb=1596465456602
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: ClA/mRoTb4aqqHHOFqjo8A==
age: 255508
cf-polished: origSize=1047669
status: 200
last-modified: Fri, 03 Jul 2020 15:22:34 GMT
cf-request-id: 04565abe7b000032601ea90200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
x-ms-request-id: 0421b526-401e-012e-58cf-569353000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd0c710ccb93260-FRA
expires: Tue, 03 Aug 2021 14:37:36 GMT

GET
H/1.1

200
OK

Cookie set iu3
aax-eu.amazon-adsystem.com/s/ Frame 3F31
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5
https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t

0
0

221ms
220ms

Document
text/html

52.95.123.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.95.123.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash

Request headers

Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: ad-id=A-Lees0rOkKUobr2doxYs-c|t
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Server: Server
Date: Mon, 03 Aug 2020 14:37:37 GMT
Content-Type: text/html;charset=ISO-8859-1
Content-Length: 196
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Set-Cookie: ad-id=A-Lees0rOkKUobr2doxYs-c; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 14:37:36 GMT; Path=/; Secure; HttpOnly; SameSite=None ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Wed, 01-Oct-2025 14:37:37 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip

Redirect headers

Server: Server
Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Length: 0
Connection: keep-alive
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/iu3?cm3ppd=1&d=dtb-pub&csif=t&dl=pm-db5_rbd_an-db5&dcc=t
Set-Cookie: ad-id=A-Lees0rOkKUobr2doxYs-c|t; Domain=.amazon-adsystem.com; Expires=Thu, 01-Apr-2021 14:37:36 GMT; Path=/; Secure; HttpOnly; SameSite=None
Vary: User-Agent

GET
H2 200 /
www.google.com/pagead/1p-user-list/767680447/ 42 B
107 B 59ms
20ms Image
image/gif 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/767680447/?random=1596465456601&cv=9&fst=1596463200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=3381510957&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/767680447/ 42 B
107 B 57ms
18ms Image
image/gif 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/767680447/?random=1596465456601&cv=9&fst=1596463200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&frm=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&async=1&fmt=3&is_vtc=1&random=3381510957&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/767680447/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah...
https://www.google.com/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=...
https://www.google.de/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=2...

42 B
107 B

23ms
23ms

Image
image/gif

2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MCEoX4LtJdGalQfWlqugBA&cid=CAQSKQCNIrLMkaRvaswe6KARpRNLdmsxTbFsC6Ajuke-8oWSQlSCJBUx-swr&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zsI-Rn88TNninvvptl2My5IaxayFJf5lIQ&random=3666479488&resp=GooglemKTybQhCsO&ipr=y

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:36 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/767680447/?random=987652613&cv=9&fst=*&num=1&value=0&label=c_PNCPmS2poBEL-_h-4C&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg7m1&sendb=1&ig=1&frm=0&url=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/&tiba=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&hn=www.googleadservices.com&async=1&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=MCEoX4LtJdGalQfWlqugBA&cid=CAQSKQCNIrLMkaRvaswe6KARpRNLdmsxTbFsC6Ajuke-8oWSQlSCJBUx-swr&eitems=ChAI8Oue-QUQlaPnocD-3-lYEh0ADOG3zsI-Rn88TNninvvptl2My5IaxayFJf5lIQ&random=3666479488&resp=GooglemKTybQhCsO&ipr=y
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 4D47 588 B
861 B 276ms
260ms XHR
application/json 2a02:26f0:6c00:192::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2ARQK-4FEY5-2C44D-9TAQS-ZHZL7&d=www.kiro7.com&t=5321552&v=1.632.0&if=&sl=0&si=w37foquy0a-qehsmo&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=576087
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:192::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software: /
Resource Hash: 6a444d01ae90ffe2ed89f55b35ac2f606ee4a8f0c06e0784d3a401be7e79d034

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 03 Aug 2020 14:37:37 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 588
Content-Type: application/json

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=281660582191764&ev=PageView&dl=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&rl=&if=false&ts=1596465456790&sw=1600&sh=1200&v=2.9.5&r=c2&ec=0&o=30&fbp=fb.1.1596465456790.495621566&it=1596465456607&coo=false&rqm=GET

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 200 fb_lightbox.2.1.5.css
www.lightboxcdn.com/static/ 4 KB
1 KB 14ms
14ms Stylesheet
text/css 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.lightboxcdn.com/static/fb_lightbox.2.1.5.css?cb=637293865540854657
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: br
cf-cache-status: HIT
content-md5: q4B4xYJoZwx9ikt94o1nCA==
age: 255956
cf-polished: origSize=6016
x-ms-meta-cbmodifiedtime: Wed, 10 Apr 2019 18:50:43 GMT
status: 200
last-modified: Wed, 10 Apr 2019 19:06:17 GMT
cf-request-id: 04565abf05000032601ea97200000001
x-ms-lease-status: unlocked
cf-bgj: minify
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
x-ms-request-id: 7aad5c57-901e-0045-1a4e-518850000000
cache-control: public, max-age=31536000
x-ms-version: 2009-09-19
cf-ray: 5bd0c711aef93260-FRA
expires: Tue, 03 Aug 2021 14:37:36 GMT

GET
H/1.1 200
OK z Show response
lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/ 528 B
782 B 637ms
155ms Script
application/javascript 13.89.172.6
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://lightboxapi.azurewebsites.net/z9gd/42629/www.kiro7.com/jsonp/z?cb=1596465456923&callback=jQuery1710018015984664496276_1596465456891&_=1596465456924
Requested by: Host: www.lightboxcdn.com
URL: https://www.lightboxcdn.com/vendor/458eb58b-8ae1-48ae-b99e-cfbb948d1b54/user.js?cb=637298881634715824
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.89.172.6 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 2365d7136ba5d04b4a90eb5f54a6f6fb94127cbb2bbafdcbccdb1f5328c2ed9e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:36 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 t.gif
www.lightboxcdn.com/z9g/ 35 B
281 B 18ms
17ms Image
image/gif 2606:4700::6810:51a5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.lightboxcdn.com/z9g/t.gif?c=1596465456899&h=www.kiro7.com&e=p&u=42629
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6810:51a5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 03 Aug 2020 14:37:36 GMT
cf-cache-status: HIT
content-md5: KNaBTzCeoon4R8ac+RGUxg==
age: 1014004
cf-polished: status=not_needed
x-ms-meta-cbmodifiedtime: Tue, 26 Feb 2019 00:59:40 GMT
status: 200
content-length: 35
cf-request-id: 04565abf21000032601ea99200000001
x-ms-lease-status: unlocked
last-modified: Tue, 26 Feb 2019 01:15:02 GMT
server: cloudflare
etag: 0x8D69B87D5A1B25F
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/gif
x-ms-request-id: ac5326e6-701e-00aa-4564-84832e000000
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 5bd0c711cf5f3260-FRA
cf-bgj: imgq:85

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 6BB8 85 KB
28 KB 1105ms
25ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a573a447abaae8b55fc53b84dcb7c0be93c1ab5a6226384c3b35787f0ccddce7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:38 GMT
Content-Encoding: gzip
Age: 1659
X-Cache: HIT
Connection: keep-alive
Content-Length: 28495
x-amz-id-2: M00sLYEgBDGeNRsN7mO13funyKtcbJzM0UhebN6c/F4pyP4gZTQtgAh8mQSXrh99379MfgVmI24=
X-Served-By: cache-hhn4068-HHN
Last-Modified: Sun, 02 Aug 2020 04:09:08 GMT
Server: AmazonS3
X-Timer: S1596465458.071020,VS0,VE0
ETag: "3b455f48d4685253b866815981a7ef7e"
Vary: Accept-Encoding
x-amz-request-id: B08C120AE6E48B44
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 56

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BB8 0
0 60ms
60ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstIVRL3Foaghlf-HuAf_rp7me68ASyPyPD5RZReqGj_-Vr1OTRSDyXW1-GoCioPgr9BmQqztLqYFASXgiH99kL2TWejQ8c6j5kOZuzusw189beln8kb8KqdpJxrq0okQfPw6Ah_tZxH8IZdZcm6OPyj0RrtLY0shJeXjCgXfWJ4c-c_52LEOQbM3PotaT0phYfbZvJ_K-d4NLbqr1eozRv0HavXs57g6zRTw4KNqV0jo8lTNqZ3tUaecSBqTaY9_2lFmBYZMcQysiew4hXWUzfNiwQEuXj9FSNSI3XlXlKffnM&sig=Cg0ArKJSzBtk_XTVvR8ZEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame 6BB8 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6BB8 73 KB
28 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:36 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 6BB8 0
0 17ms
15ms Image
text/html 2a00:1450:4001:81d::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQR1Gf01oemJSjC2G3EsN3XGGEegZuHsb1V3BxxSYyOPFERMGMCDA01kdw-gcUPqohBkXVEXxS_BvmRTH_UlklKGb-X-w
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:81d::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame 6BB8 20 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ac81845bd64dfcbf434dc4e697130c045d294b75d4335d989239c0cab1719cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8639
x-xss-protection: 0
server: cafe
etag: 17029868841816248738
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 6689646930131180015
tpc.googlesyndication.com/simgad/ Frame 6BB8 70 KB
71 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6689646930131180015

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 00:23:50 GMT
x-content-type-options: nosniff
age: 1001626
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72094
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:41 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jul 2021 00:23:50 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 71 KB
27 KB 21ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 27106
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:37 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6BB8 0
54 B 61ms
61ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssh4-5Eln8eSQAB3vHx4J76SyHleEje0QkNfhtKaN7SGvRRLXCIKrudNyV2HBxl61XI6UOEm6LrMgBQxt97jWc4kF8xVH7IlkCpIB2YhCLUulV8yItxMM6u71TW_rUZnZu5ZHaIQFRJq05xqAk9rV70YjE2B3jNtTWPadmDbYpAHMayJxYusqzKm8rkJ0a6MhyR7Cgcxx-kO6snKvVK_bvW5oI-za_NEiyYRqvCSaAsMffAQx6DtzihGs8UgQ4GHQ9NVhlR1fnuinAfGEVO7nRfLHHYggDdpVxkU6uydYMBfl6zRQ&sig=Cg0ArKJSzF0X7d9TwoiVEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:37 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6BB8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ac548acfa55077b067d2ea4132a77965937a526d9757f570273541232c021651

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
893 B 120ms
118ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:37 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 601
X-Proxy-Cache: BYPASS

GET
H2 200 load.js Show response
widget.perfectmarket.com/cox-network/ 4 KB
2 KB 7214ms
43ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: IZ8OTIoenzcg.cleqFwBPbWlbDW1hgyb
content-encoding: gzip
etag: "8e2dc1f5b2d46f4b95f576b6989d0a3a"
age: 213
x-cache: HIT, HIT
status: 200
content-length: 1384
x-amz-id-2: mGFEmEkf4Z2NlYAKtx1qtrkW6YqxSTIozF1FlaCVz0NBthY8GAusgACb8h8GC8bSv1wpaMIBYyY=
x-served-by: cache-lax8635-LAX, cache-hhn4060-HHN
last-modified: Wed, 18 Mar 2020 08:48:23 GMT
server: AmazonS3
x-timer: S1596465464.361499,VS0,VE0
date: Mon, 03 Aug 2020 14:37:44 GMT
vary: Accept-Encoding,,
x-amz-request-id: 34C7F03FFD16BC00
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=300
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 1, 1

GET
H2 200 impl.20200801-2-RELEASE.js Show response
cdn.taboola.com/libtrc/ 458 KB
130 KB 28ms
27ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20200801-2-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c3c816e688e1dc01d297a87071ea3d920cc21366eb4407b57b3df30a2ff18157

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ES0X5kBlPI9mWyfNGNFj0HQ9LnaighIk
content-encoding: gzip
etag: "88c0efcccea736694fbdedf435d60c9b"
age: 42
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 132330
x-amz-id-2: w2dPnxIPevnLxsiC2W5sfbyPYn1Syw2yZvth3UZ6bk97U1sTWdPKVze+tERf9zDGOQ/NjvlfT1o=
x-served-by: cache-fra19134-FRA
last-modified: Sun, 02 Aug 2020 07:18:22 GMT
server: AmazonS3
x-timer: S1596465457.178365,VS0,VE0
date: Mon, 03 Aug 2020 14:37:37 GMT
vary: Accept-Encoding
x-amz-request-id: 84F2A1579139610F
via: 1.1 varnish
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 44
x-cache-hits: 8200

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 7225ms
37ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 04 Aug 2020 14:37:44 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 194ms
192ms Image
image/gif 54.183.239.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=4545111&ntv_pl=1079778
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.239.235 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-239-235.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:37 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 199ms
197ms Image
image/gif 54.183.239.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=ee0c71cf-78ba-4e88-8f64-f39035289e43&ntv_fl=5j6K0SrXS9BkMDZOoNh3cuY5ZAD_5yeHB3tygZWitd39pmjgrsBIdrYwnxIm53UHTF3xMExMFtJr_Wlwxuf93NhAKzmotxq2MqmwNi2z9fs=&ntv_ht=MSEoXwA&ntv_at=303,302&ntv_a=AAAAAAAAAA4nkQA&ord=1596465457175&ntv_dpl=1009,1011,1028,1001,1050,1003,1019,1007&ntv_it
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.239.235 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-239-235.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:37 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
624 B 196ms
195ms Image
image/gif 54.183.239.235
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=ee0c71cf-78ba-4e88-8f64-f39035289e43&ntv_fl=5j6K0SrXS9BkMDZOoNh3cuY5ZAD_5yeHB3tygZWitd39pmjgrsBIdrYwnxIm53UHTF3xMExMFtJr_Wlwxuf93NhAKzmotxq2MqmwNi2z9fs=&ntv_ht=MSEoXwA&ntv_at=321,322,333&ntv_a=AAAAAAAAAA4nkQA&ntv_jlt=1712&ntv_jad=1221&ntv_jte=32&ntv_it
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.183.239.235 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-183-239-235.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:37 GMT
server: nginx/1.12.1
status: 200
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 json Show response
trc.taboola.com/cox-kiro-tv/trc/3/ 29 KB
10 KB 499ms
481ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/trc/3/json?tim=16%3A37%3A37.411&lti=deflated&data=%7B%22id%22%3A538%2C%22ii%22%3A%22%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22vi%22%3A1596465457384%2C%22cv%22%3A%2220200801-2-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%2C%22bv%22%3A%220%22%2C%22ul%22%3A%5B%22en-US%22%5D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A3843%2C%22nsid%22%3A%22cox-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A8%2C%22uim%22%3A%22alternating-thumbnails-e%3Apub%3Dcox-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20-March%202017%22%2C%22cd%22%3A3432.515625%2C%22mw%22%3A1280%7D%5D%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200801-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f9d75feb18941875349eab4daaa63e1f7992ed9c3f774d99648b20351908a496

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 457
date: Mon, 03 Aug 2020 14:37:37 GMT
content-encoding: gzip
access-control-allow-origin: *
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 200
x-served-by: cache-fra19134-FRA
server: nginx
x-timer: S1596465457.445877,VS0,VE457
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
via: 1.1 varnish
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 /
www.facebook.com/tr/ Frame 006F 0
0 11ms
6ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2416
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.kiro7.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: fr=0SGR5DTdVEwRLEbpG..BfKCEw...1.0.BfKCEw.
Upgrade-Insecure-Requests: 1
Origin: https://www.kiro7.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/plain
access-control-allow-origin: https://www.kiro7.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-length: 0
server: proxygen-bolt
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Mon, 03 Aug 2020 14:37:37 GMT

GET
H2 200 hub.html
membercenter-sdk.cmg.com/sdk/ Frame F716 0
0 10ms
10ms Document
text/html 2600:9000:214f:1000:a:588b:e680:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://membercenter-sdk.cmg.com/sdk/hub.html
Requested by: Host: membercenter-sdk.cmg.com
URL: https://membercenter-sdk.cmg.com/sdk/main.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:1000:a:588b:e680:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: membercenter-sdk.cmg.com
:scheme: https
:path: /sdk/hub.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
content-length: 211
last-modified: Thu, 23 Jul 2020 18:50:46 GMT
accept-ranges: bytes
server: AmazonS3
date: Mon, 03 Aug 2020 14:37:35 GMT
etag: "acd60f16e40239bb3c813ef87db325b5"
x-cache: Hit from cloudfront
via: 1.1 80d90c7955dda88e3912960ead8e99d6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: 60Fzn97ilRvixWgNU_4GWnGu_OMQF8epa0i7VYu4_pg46nulubQ1UA==
age: 3

GET
H2 200 tb Show response
15.taboola.com/ 32 KB
10 KB 41ms
40ms Script
text/html 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://15.taboola.com/tb?oid=15&pubnm=cox-kiro-tv&unitType=244&tbloc=&pageType=text&pstn=Below%20Article%20Thumbnails%20-March%202017&uuip=Feed%20-%20Below%20Article%20Thumbnails%20-March%202017&cisrf=&cirf=https%3A%2F%2Fkiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&encoded=1&uid=b469383c-6bdf-4832-8b66-b2a8059cd6d0-tuct621a6b1&variant=-100|4302&callback=TRC.videoTagCallbacks.videoCallback1&cb=1596465457920&tagid=&cntry=CH&platform=1&normp=1&sesid=178907563c19ff8e74c79ec33e54666b&itemid=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&viewid=1596465457384&geolat=&geoing=&deviceifa=&appid=&sd=v2_178907563c19ff8e74c79ec33e54666b_b469383c-6bdf-4832-8b66-b2a8059cd6d0-tuct621a6b1_1596465457_1596465457_CNawjgYQ4ZA-GOjRhqa7LiABKAEwKziy0A1AuogQSPDb2QNQ____________AVgAYABo4qaqkbKtl-Jw&ri=21dacf447799724655cad599fc014737&appname=&cdb=&gdprApplies=&rid=&sii=-4312527434450252827&oee=true&tpubid=1017953&uis=2&fagg=1&ccpaDns=false&ccpaPrivacy=&region=BE
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200801-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 82065f13e759bc37e30a66afa04d925bef8f4d232811f749a3d60408c40661ab

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:37 GMT
content-encoding: gzip
machineid: 1429
x-cache: MISS
status: 200
x-cache-hits: 0
x-served-by: cache-fra19134-FRA
pragma: no-cache
server: nginx
x-timer: S1596465458.937133,VS0,VE16
vary: Accept-Encoding
content-type: text/html;charset=ISO-8859-1
via: 1.1 varnish
cache-control: no-cache,must-revalidate,no-store,max-age=0,s-maxage=0
accept-ranges: bytes
link: <https://am-wf.taboola.com>; rel=preconnect
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 feed-card-placeholder.20200801-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 25ms
25ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20200801-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: beb713130ffd6c0d3e827e036c9112623aab43051600265708f574b1800c7d54

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: .CB3i9a35ftRv7kXWchV_eoh1hzevwVw
content-encoding: gzip
etag: "f18d4870d416d5b13dccdb839f90b3fa"
age: 31
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1268
x-amz-id-2: z2Kryn2NisREPr7aZsCs5zDRgfKtv/PIU+can297/abQj4XKUypjNNinBzTcuBZEp0AB/GPCQ1E=
x-served-by: cache-fra19134-FRA
last-modified: Sun, 02 Aug 2020 07:18:40 GMT
server: AmazonS3
x-timer: S1596465458.939191,VS0,VE0
date: Mon, 03 Aug 2020 14:37:37 GMT
vary: Accept-Encoding
x-amz-request-id: 221BD7B5094A114A
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 27

GET
H2 200 userx.20200801-2-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 22 KB
8 KB 25ms
24ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20200801-2-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/cox-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a21dcfd78c871e15b508485486dc0ac1133b20d9b98ac0c0fd9f3ae32b58161

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: kSkk2WHPDm6hnBKYOzAkou7BKhTQ9.mY
content-encoding: gzip
etag: "48056e4a5f717dfd2e393c844d67fa1d"
age: 38
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 7749
x-amz-id-2: EoXls+2H2LigIdAudDPzIaL51aBD/oStSQ3aU4BAdJihufjivImcjb0vE5vQgel/RGDTK8bEnFc=
x-served-by: cache-fra19134-FRA
last-modified: Sun, 02 Aug 2020 07:18:30 GMT
server: AmazonS3
x-timer: S1596465458.952102,VS0,VE0
date: Mon, 03 Aug 2020 14:37:37 GMT
vary: Accept-Encoding
x-amz-request-id: 227045F4B437C265
via: 1.1 varnish
cache-control: private,max-age=14400
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 71
x-cache-hits: 15

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 24ms
24ms Image
image/svg+xml 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
age: 95
via: 1.1 varnish
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: 2YEYCbq4sAj61Z+B05gO0AppCwXXJAaNbXsCI+kCUo7AvvChWdBg8FiGZxAZyEH9D84pHHl5ciE=
x-served-by: cache-fra19134-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1596465458.970920,VS0,VE0
date: Mon, 03 Aug 2020 14:37:37 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
x-amz-request-id: 0617C658162064A0
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/svg+xml
access-control-allow-headers: *
abp: 71
x-cache-hits: 235

GET
H2 200 40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/ 20 KB
21 KB 26ms
25ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d8f1c105623165e8a632ee84c28863aa6ad5b4fb21b5f558ac4acf437a6d5517

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:37 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2179651
edge-cache-tag: 621293045940373875098618898656648785884,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sat, 01 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//ejnql.com/content/40c8ef90-07c7-487a-84df-63d93500c1a4.jpg
content-length: 20789
x-served-by: cache-dca17750-DCA, cache-dca17739-DCA, cache-fra19134-FRA
last-modified: Wed, 01 Jul 2020 14:32:29 GMT
server: cloudinary
x-timer: S1596465458.997562,VS0,VE0
etag: "a11af96ce5f5179a1c53c012fa8edf93"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 11

GET
H2 200 fdf33ee0e53d2559391622989cbc92a1.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
55 KB 25ms
25ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdf33ee0e53d2559391622989cbc92a1.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d5bdb7da1ec534bd29701bbfdbc259759cbc50ce9616eedfc5cc5d48636d05a7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:37 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2767082
edge-cache-tag: 567918879647455938658868542966647247628,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Fri, 17 Jul 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fdf33ee0e53d2559391622989cbc92a1.jpg
content-length: 55881
x-served-by: cache-dca17780-DCA, cache-dca17726-DCA, cache-fra19134-FRA
last-modified: Tue, 16 Jun 2020 18:28:46 GMT
server: cloudinary
x-timer: S1596465458.997580,VS0,VE0
etag: "957d52bbe6b71f1fd770af3a10de9990"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 2

GET
H2 200 f37de222325e39488a9009843f3a63a4.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imghosts.com/t/2020-05/373073/ 17 KB
17 KB 29ms
28ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imghosts.com/t/2020-05/373073/f37de222325e39488a9009843f3a63a4.jpeg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 10498af6ea08b4401b0e3c94f8795cfc55859c762614ab9c7e6a6d1021fa3fb6

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:37 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4866018
edge-cache-tag: 614692483731908167430796570158302108134,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//imghosts.com/t/2020-05/373073/f37de222325e39488a9009843f3a63a4.jpeg
content-length: 17353
x-request-id: d4893871f24805961489e06fadee165d
x-served-by: cache-dca17753-DCA, cache-dca17740-DCA, cache-fra19134-FRA
last-modified: Wed, 13 May 2020 08:35:09 GMT
server: cloudinary
x-timer: S1596465458.999365,VS0,VE0
etag: "8d61328632a9079e9db3d1248cc97ee9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 143

GET
H2 200 a05bca3ec477ff1317f9e282b6c6b74e.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 32 KB
32 KB 31ms
30ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05bca3ec477ff1317f9e282b6c6b74e.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 9924de65dae7767c2d8ac914a04e01c80f21e0296ccc943b220aa559dc28c995

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2791480
edge-cache-tag: 376023566597610662212024876261279802473,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Thu, 23 Apr 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a05bca3ec477ff1317f9e282b6c6b74e.jpg
content-length: 32417
x-served-by: cache-dca17752-DCA, cache-dca17723-DCA, cache-fra19134-FRA
last-modified: Mon, 23 Mar 2020 10:40:15 GMT
server: cloudinary
x-timer: S1596465458.002623,VS0,VE1
etag: "5ad77e7b2baa31207b1b82d68b548217"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1

GET
H2 200 633033fa63bc3002d8182fe221ed9a0c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 55 KB
55 KB 26ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/633033fa63bc3002d8182fe221ed9a0c.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4e058533c50c48b051e0e92b9cde871229291c44f7de01a45932bd1a9fa660d4

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1152550
edge-cache-tag: 478536035843206084280766017951505981711,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 16 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: HIT, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/633033fa63bc3002d8182fe221ed9a0c.jpg
content-length: 55955
x-served-by: cache-dca17741-DCA, cache-dca17739-DCA, cache-fra19134-FRA
last-modified: Thu, 16 Jul 2020 07:22:26 GMT
server: cloudinary
x-timer: S1596465458.002587,VS0,VE0
etag: "0183eb31a97c65d3ebd8cc8702bf8e3a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 4

GET
H2 200 ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ 17 KB
18 KB 30ms
29ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 745f4b11e491de328e1088fb94e7c5f3e7ee943369af5e3364776de7a87e86f9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 2239325
edge-cache-tag: 543613443482621803305007297850702500036,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//wlvvo.com/content/ab0735b3-a418-4e65-82d8-d55cf27f8ea8.jpg
content-length: 17594
x-request-id: 6ba2d223a445592bc8dcdb719f96dd32
x-served-by: cache-dca17754-DCA, cache-dca17758-DCA, cache-fra19134-FRA
last-modified: Tue, 23 Jun 2020 16:10:53 GMT
server: cloudinary
x-timer: S1596465458.005639,VS0,VE0
etag: "a092bd2b6b6d82c94af7c5cf3e21dcb7"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 3

GET
H2 200 6d8c3761710bfeeee163b165eaf0338c.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 19 KB
19 KB 27ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d8c3761710bfeeee163b165eaf0338c.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 1c5fc6075edb20483422f165da4de1b91338d187cc65b6f66afed3f0eb9684cf

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1140779
edge-cache-tag: 383281224013294058633167991409811036487,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 18 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6d8c3761710bfeeee163b165eaf0338c.jpg
content-length: 19221
x-served-by: cache-dca17745-DCA, cache-dca17771-DCA, cache-fra19134-FRA
last-modified: Sat, 18 Jul 2020 09:02:59 GMT
server: cloudinary
x-timer: S1596465458.027977,VS0,VE0
etag: "8561a9211c8b44b4049413ca8a823db9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 4

GET
H2 200 0dd2c95272b917cee80d1cd8f9b820e6.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
46 KB 28ms
27ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd2c95272b917cee80d1cd8f9b820e6.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 14e374776a27e3fe5d16e10041c4028fb3cb216e622a0fcfce35b196e8d7647c

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4839789
edge-cache-tag: 616336082642080667731097600411816074911,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/0dd2c95272b917cee80d1cd8f9b820e6.jpg
content-length: 46900
x-request-id: 13a150f9e5251eb6e3cb875d9c00f9ae
x-served-by: cache-dca17777-DCA, cache-dca17723-DCA, cache-fra19134-FRA
last-modified: Sat, 06 Jun 2020 08:48:30 GMT
server: cloudinary
x-timer: S1596465458.027957,VS0,VE0
etag: "695c3c80281104c1880b916e9675e3fa"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 a168495099cd142f76722a8b37160660.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 50 KB
51 KB 29ms
28ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a168495099cd142f76722a8b37160660.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 766b5a644b14c4ba0728186856569abab6071a413bda610fff5a87bb4e7e4218

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 328412
edge-cache-tag: 465807714184284168177757584516980513969,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Tue, 04 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/a168495099cd142f76722a8b37160660.jpg
content-length: 51588
x-served-by: cache-dca17775-DCA, cache-dca17758-DCA, cache-fra19134-FRA
last-modified: Sat, 04 Jul 2020 23:19:38 GMT
server: cloudinary
x-timer: S1596465458.029700,VS0,VE1
etag: "9d5d544d14cf6cb78b0ef8523250d8b3"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1

GET
H2 200 90d53f90e056a4b0bed7f89dfd6df2a9.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
20 KB 27ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/90d53f90e056a4b0bed7f89dfd6df2a9.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: d46e24bc27d15994c2a1f38565953996bcd518d5d3b3f1501b3cb4b58e3626ef

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 1738829
edge-cache-tag: 486235546211518425476818729151596603062,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/90d53f90e056a4b0bed7f89dfd6df2a9.jpg
content-length: 20406
x-request-id: a4525dc53dca643b86ac665250a9bf49
x-served-by: cache-dca17730-DCA, cache-dca17738-DCA, cache-fra19134-FRA
last-modified: Mon, 13 Jul 2020 15:52:52 GMT
server: cloudinary
x-timer: S1596465458.032231,VS0,VE0
etag: "f7529bc7a5d7bf7d02420c24033e5d16"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 223

GET
H2 200 231241e2d20acf922b953be4a01e7f1a.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 30 KB
31 KB 27ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/231241e2d20acf922b953be4a01e7f1a.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: c2c402361bd7cb9fc369974c8ebd8c1ee61be5006f0d0bb84b40d7fb3cff8a29

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 335102
edge-cache-tag: 344503288521412964304113821508369649219,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 03 May 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, MISS, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/231241e2d20acf922b953be4a01e7f1a.jpg
content-length: 31056
x-served-by: cache-dca17760-DCA, cache-dca17773-DCA, cache-fra19134-FRA
last-modified: Thu, 02 Apr 2020 13:05:15 GMT
server: cloudinary
x-timer: S1596465458.036394,VS0,VE1
etag: "df1474c38d7f43eaebe806a18a93fd11"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1

GET
H2 200 8b50c3c0152c4b476d103af9e71474aa.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 20 KB
20 KB 28ms
27ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b50c3c0152c4b476d103af9e71474aa.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 5108ccd81bd97893d37ce90a21fe218bb3fdce67ee6e8a0616323b34ab2ee7a1

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 4554983
edge-cache-tag: 345583881559944400513528656514472782951,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 12 Jul 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/8b50c3c0152c4b476d103af9e71474aa.jpg
content-length: 20345
x-served-by: cache-dca17737-DCA, cache-dca17737-DCA, cache-fra19134-FRA
last-modified: Thu, 11 Jun 2020 17:12:30 GMT
server: cloudinary
x-timer: S1596465458.036363,VS0,VE1
etag: "54384f634d3d104905a438161256df0f"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 70, 1

GET
H2 200 V_EN_600x500_Viva_2018-0417_02_Grass-Army-vs-Army_Zaic%26IMG%3D16CS.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/04/ 83 KB
84 KB 27ms
27ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/04/V_EN_600x500_Viva_2018-0417_02_Grass-Army-vs-Army_Zaic%26IMG%3D16CS.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: a09a8573d1a6a838bac438cf3f9181088247dc9b7eca5cc47ab368f001d5cebf

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 211342
edge-cache-tag: 479427817952018161751025177961281881551,321542333818713782252267784064847624608,29ecf9b93bbf306179626feeda1fab70
status: 200
expiration: expiry-date="Sun, 23 Aug 2020 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_278%2Cw_500%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//gallery-pl.go-game.io/uploads/2018/04/V_EN_600x500_Viva_2018-0417_02_Grass-Army-vs-Army_Zaic%26IMG%3D16CS.jpg
content-length: 85235
x-served-by: cache-dca17766-DCA, cache-dca17773-DCA, cache-fra19134-FRA
last-modified: Thu, 23 Jul 2020 06:06:38 GMT
server: cloudinary
x-timer: S1596465458.056501,VS0,VE0
etag: "597ce108f82e3159872be37ddbc28b02"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 2

GET
H2 200 t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.clou... 64 KB
64 KB 26ms
26ms Image
image/jpeg 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.cloudfront.net/07-24-2020/t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: cloudinary /
Resource Hash: 4749f95d6ba82bfeefaf03591643f873461c42ad2e0e973b21ace71c41bbfc81

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
age: 869252
edge-cache-tag: 596482821880013192175916407143236899484,593403765205910191011298921050050489110,29ecf9b93bbf306179626feeda1fab70
status: 200, 200 OK
x-cache: MISS, HIT, HIT
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_445%2Cw_800%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//www.kiro7.com/resizer/K5vqkaeapTnXN8XGSMueoRAKwHE%3D/1200x628/d1hfln2sfez66z.cloudfront.net/07-24-2020/t_9349d200f2d745129e1c08843a549c1b_name_iNSLEE.jpg
content-length: 65334
x-request-id: f0f8bd13f161abf23c970e5e467082b7
x-served-by: cache-dca17727-DCA, cache-dca17740-DCA, cache-fra19134-FRA
last-modified: Fri, 24 Jul 2020 13:10:06 GMT
server: cloudinary
x-timer: S1596465458.056492,VS0,VE0
etag: "c4a73ba7778acbaf9b234583958810b9"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=7776000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 586

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/2.1.3/ 88 KB
26 KB 29ms
26ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200801-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79cf058fe61429a23dd4fe831fb68769c6bff837fee81b7015a6278622ece51e

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b9.cloudfront.net (CloudFront), 1.1 varnish
age: 451908
x-cache: Miss from cloudfront, HIT
status: 200
content-encoding: gzip
content-length: 25922
x-served-by: cache-fra19134-FRA
last-modified: Wed, 29 Jul 2020 08:25:47 GMT
server: AmazonS3
x-timer: S1596465458.062258,VS0,VE0
etag: "87fa3394791a9ba7833f9b770eabf0f0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: 0hPwA7pEx3T0d2n-Y17_o2itXu1t7q2upSEiO0xmbpU3QB9ebOOJWQ==
x-cache-hits: 47694

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
732 B 24ms
24ms Image
image/png 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
via: 1.1 varnish
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
age: 9745
x-cache: HIT
status: 200
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: Vjnfq2okxpLEG/cBVxSfv3DOOCGN7KTpixt29L7DwUhoZL6eRlgDSODZqhfatrYL58q01gaLKf4=
x-served-by: cache-fra19134-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1596465458.036950,VS0,VE0
date: Mon, 03 Aug 2020 14:37:38 GMT
x-amz-request-id: F6D91014AAA6CDC4
cache-control: private,max-age=31536000
accept-ranges: bytes
content-type: image/png
abp: 71
x-cache-hits: 11784

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 20 KB
6 KB 651ms
350ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x90%7C728x90&prev_scp=ad_slot%3DHP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D57ea8b130617931e%3AT%3D1596465456%3AS%3DALNI_MZiQQJcsgDICKQXZM1a9I9H-NvLnQ&bc=31&abxe=1&lmt=1596465458&dt=1596465458027&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=107&adks=904183767&ucis=4&ifi=4&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=4183474438159&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x114&msz=970x90&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_wPTLd5hj8JoRRA0ZuszV8Rk6bV5Rqj138ZG7iVfaCz1m_snygtU5r1k8PZL0AjPt0gbFkfIVqNsot012cqNBaeqZlOH6K%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

c6f8b9c3089e1462473b0344b095a0b242e10ef4e8a70efa4015c867c65ece82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5719
x-xss-protection: 0
google-lineitem-id: 5345428960
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138316827130
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
224 B 1061ms
780ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250&prev_scp=ad_slot%3DRP04%26position%3D%255Bobject%2520Object%255D%26breakpoint%3D992px%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D57ea8b130617931e%3AT%3D1596465456%3AS%3DALNI_MZiQQJcsgDICKQXZM1a9I9H-NvLnQ&bc=31&abxe=1&lmt=1596465458&dt=1596465458047&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=430&adys=1243&adks=4275138087&ucis=5&ifi=5&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=4183474438159&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_wPTLd5hj8JoRRA0ZuszV8Rk6bV5Rqj138ZG7iVfaCz1m_snygtU5r1k8PZL0AjPt0gbFkfIVqNsot012cqNBaeqZlOH6K%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

5248473fe39fc26c6daafdbef959b193dd0e85f32beff8d71e24af8de43c0b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:39 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 149
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 338 B
232 B 828ms
556ms XHR
text/plain 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2926558707364091&correlator=2036054493030866&output=ldjh&impl=fifs&adsid=NT&eid=21066095%2C21065725%2C21066533%2C21065728&vrg=2020072701&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20200803&iu_parts=12523293%2CSeattle_TV%2Ckiro_web_default%2Cnews%2Cjesse_jones&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600&prev_scp=ad_slot%3DRP01%26position%3D%255Bobject%2520Object%255D%26pt%3Da%26cid%3DWXYQ2IBHV45AXZSL3LOLK4ZUQM%26category%3Dnews%26breakpoint%3D992px%26type_name%3Dstory%26topics%3Dcoronavirus%252C%2520cybercrime%252C%2520fraud%252C%2520government-waste%252C%2520jesses-story-of-the-day%252C%2520JesseJones%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=weather%3D28%26temp_range%3D60%2520to%252064%26sky%3DMostly%2520Cloudy%26obj_id%3Dkiro%252FWXYQ2IBHV45AXZSL3LOLK4ZUQM%26type_name%3Dstory&cookie=ID%3D57ea8b130617931e%3AT%3D1596465456%3AS%3DALNI_MZiQQJcsgDICKQXZM1a9I9H-NvLnQ&bc=31&abxe=1&lmt=1596465458&dt=1596465458056&dlt=1596465455411&idt=1071&frm=20&biw=1600&bih=1200&oid=3&adxs=1085&adys=283&adks=614848598&ucis=6&ifi=6&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&dssz=67&icsg=4183474438159&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=409x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H_wPTLd5hj8JoRRA0ZuszV8Rk6bV5Rqj138ZG7iVfaCz1m_snygtU5r1k8PZL0AjPt0gbFkfIVqNsot012cqNBaeqZlOH6K%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=610470161.1596465456&ga_sid=1596465457&ga_hid=810983457&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

854a8fe51d28727c66b6c669749470ee004e287c23a7f29c7085e7619d5c8b16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:38 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 150
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6BB8 42 B
773 B 51ms
40ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstI17APbAZw56Lp2Po5O50v3GA4555piyu7c6wGrtQV2sBKyF4gRB9fiptwwTaMy0a6kTq5kJr9z_ENld4jApaWTwE3kg62jquGt2PrEuI&sig=Cg0ArKJSzNn-82P1NamQEAE&adk=4275136746&tt=-1&bs=1600%2C1200&mtos=1065,1065,1065,1065,1065&tos=1065,0,0,0,0&p=875,1085,1125,1385&mcvt=1065&rs=0&ht=0&tfs=9&tls=1075&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596465456979&dlt&rpt=188&isd=0&msd=0&ext&xdi=0&ps=1600%2C6239&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-10-7-9-9-0-0-0&tvt=1069&is=300%2C250&iframe_loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&r=v&id=osdim&vs=4&uc=10&upc=0&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=300x250&itpl=3&v=20200731

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 5c69bc07-70d4-410b-9795-09e10e53fa8f.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ Frame 6BB8 41 KB
14 KB 36ms
9ms XHR
application/javascript 2600:9000:2057:9000:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/5c69bc07-70d4-410b-9795-09e10e53fa8f.js
Requested by: Host: includemodal.global.ssl.fastly.net
URL: https://includemodal.global.ssl.fastly.net/pw.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:9000:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: f2df53bc079789db6b2b39dcba23a22c89211ddef35cd8a8919bac79d39f8579

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 12:28:12 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 7766
x-cache: Hit from cloudfront
status: 200
access-control-allow-origin: *
server: nginx/1.10.3 (Ubuntu)
access-control-max-age: 14400
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
via: 1.1 92ab13182d4b89ed20b3b5c10adc4f23.cloudfront.net (CloudFront)
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
access-control-allow-headers: *
x-amz-cf-id: tdU91_MbIF-LwNQ73N7gOs8y6K7T6iyNCKmNdcoDLxlHyph12nM0YQ==

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 6BB8 42 B
132 B 1424ms
139ms Image
image/gif 3.128.54.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=8363470&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.54.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 14:37:39 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 sync
am-match.taboola.com/ Frame 727C 0
0 383ms
35ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: t_gid=b469383c-6bdf-4832-8b66-b2a8059cd6d0-tuct621a6b1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
date: Mon, 03 Aug 2020 14:37:38 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3404

GET
H2 200 st
am-vid-events.taboola.com/ 0
44 B 1388ms
35ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&cmcv=&pix=31589837&cb=1596465458354&uv=28124&tms=1596465458354&abt=aat1_vB!expl_vZ!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1596465454201.615!ts:1596465458354&mntl=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 14:37:39 GMT
server: nginx
content-length: 0

GET
H2 200 st
imprammp.taboola.com/ 0
68 B 35ms
33ms Image
text/plain 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=7984937&crid=4888795&dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&cmcv=&pix=undefined&cb=1596465458354&uv=28124&tms=1596465458354&abt=aat1_vB!expl_vZ!t45!ufm_vC&ft=0&su=2&unm=FEED_MANAGER&aure=false&agl=1&cirid=E0389221109053772589725671&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=false
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:38 GMT
via: 1.1 varnish
server: nginx
x-timer: S1596465458.376987,VS0,VE9
x-cache: MISS
status: 200
x-cache-hits: 0
accept-ranges: bytes
content-length: 0
x-served-by: cache-fra19134-FRA

GET
H/1.1 200
OK pw.js Show response
includemodal.global.ssl.fastly.net/ Frame 6973 85 KB
28 KB 24ms
24ms Script
application/javascript 151.101.113.194
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://includemodal.global.ssl.fastly.net/pw.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.194 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a573a447abaae8b55fc53b84dcb7c0be93c1ab5a6226384c3b35787f0ccddce7

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:38 GMT
Content-Encoding: gzip
Age: 1660
X-Cache: HIT
Connection: keep-alive
Content-Length: 28495
x-amz-id-2: M00sLYEgBDGeNRsN7mO13funyKtcbJzM0UhebN6c/F4pyP4gZTQtgAh8mQSXrh99379MfgVmI24=
X-Served-By: cache-hhn4068-HHN
Last-Modified: Sun, 02 Aug 2020 04:09:08 GMT
Server: AmazonS3
X-Timer: S1596465459.707217,VS0,VE0
ETag: "3b455f48d4685253b866815981a7ef7e"
Vary: Accept-Encoding
x-amz-request-id: B08C120AE6E48B44
Via: 1.1 varnish
Accept-Ranges: bytes
Content-Type: application/javascript
X-Cache-Hits: 57

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6973 0
0 66ms
60ms Fetch
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvCHdv94boUp860hBLQPSvZdLdJpWV_Rqp7z-rU5ZVJwiWj4fThH__BDaqu8smjnsuMRDNe_uvZH-gC9dFaTrozc15Ype2AmZ2vUh5F2cCMOfFBNPYagjkybbIlkREyO8t9boEIqro_D1Whb5OEgEGY2moVe_M3Fu6BpufhOYd64XqtMJyZ9L_1gNPwJlzhRoQuD92-8o0UwfoVWI9Kgf3IwMZ_vph5z8nYpi4Pz0EoiVo2qMeJgO8aj9Z0gF7leN_75dCmQBjtV-vh1pqp3fGm5llzc4ixgOfUhUTV1Zw0zGo&sig=Cg0ArKJSzAt2-a46-dHCEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame 6973 2 KB
1 KB 24ms
7ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 8966445102869121928
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6973 73 KB
28 KB 32ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1596194598985842"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28389
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:38 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/ Frame 6973 20 KB
9 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20200729/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ac81845bd64dfcbf434dc4e697130c045d294b75d4335d989239c0cab1719cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 29 Jul 2020 15:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 427564
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8639
x-xss-protection: 0
server: cafe
etag: 17029868841816248738
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Aug 2020 15:51:34 GMT

GET
H2 200 1684444555908820919
tpc.googlesyndication.com/simgad/ Frame 6973 44 KB
44 KB 23ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1684444555908820919

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca7df3a16649aa4c0a68e44c8256882465a546a30fcc50f45229778d66b59b5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 23 Jul 2020 00:23:50 GMT
x-content-type-options: nosniff
age: 1001628
x-dns-prefetch-control: off
status: 200
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45154
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 23:59:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 23 Jul 2021 00:23:50 GMT

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=728x90_lid=5345428960 Show response
pr.realvu.net/flip/2/ 1 KB
896 B 1398ms
123ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=728x90_lid=5345428960
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0533256b047eccb48e0ea7bef7a32cb48afaf011c65b74e604dae529709f5747

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:40 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 604
X-Proxy-Cache: BYPASS

GET
H2 200 /
includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/ Frame 6973 42 B
132 B 632ms
141ms Image
image/gif 3.128.54.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://includemodal.com/service/imp/5c69bc07-70d4-410b-9795-09e10e53fa8f/?rand=5831607&referer=https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.128.54.90 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
date: Mon, 03 Aug 2020 14:37:39 GMT
server: nginx/1.10.3 (Ubuntu)
content-length: 42
content-type: image/gif

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6973 0
54 B 63ms
63ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstCvOhBsOeKggQMmrYNQAke-Tsmv9_2I-S_byH_0-2IF0WDYHTUJpTVshk1Uuw3uoItRP5jNM58h5FbZWWbcJmWG381HSg6hF7cYzSfF68mMJ7oUFHZhLFeFfeBDY7metb7gx9bfU1XOB5zilN2nDFBKQfU_SKn2zXX5N8GGwm3b3jIfM4arTIIlRFCBxKXN_2lE3ryQRKBo9ANapAPTLScMDDpnuL-U0IiClqnsYzyHSjst8MkhyXWEQUDTy6kDU7KtXOojW1f5EAEfssv9ltIrNm3A_3iQIoN7ZQ_QsY62BkzGA&sig=Cg0ArKJSzCSbhuy2OgWWEAE&adurl=

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:38 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6973 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4780a9eb5233f4e1110fd7d9fb439ceab6f5ef7fb480f9ca3068ef7220332c31

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK c=E5NS_f=spot_si=1407_s=300x250_lid=null Show response
pr.realvu.net/flip/2/ 1 KB
889 B 1300ms
125ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/flip/2/c=E5NS_f=spot_si=1407_s=300x250_lid=null
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 77eff823bfb895038c13cee3cda8bb2535aac178145763f9e21156d7072b18e5

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:40 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=3600
Connection: keep-alive
Content-Length: 597
X-Proxy-Cache: BYPASS

POST
H2 204 bulk Show response
trc.taboola.com/cox-kiro-tv/log/3/ 0
386 B 53ms
52ms XHR
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=6
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20200801-2-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 27
date: Mon, 03 Aug 2020 14:37:39 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19134-FRA
pragma: no-cache
server: nginx
x-timer: S1596465459.993934,VS0,VE27
content-type: image/gif
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 461ms
116ms XHR
application/json 64.202.112.159
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1596465459478&sessionId=1dec4027-41d7-25c8-b25f-487ffeceeb6c&url=www.kiro7.com&cheqSource=1&cheqEvent=3&responseTime=3129
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.159 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:39 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b03541b8d0f7cd209be0ce43205a0eae
Content-Length: 4
Expires: 0

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 6973 42 B
107 B 39ms
39ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUWPlOqzbbBNn1tzvPbx3c93V4gzeVAqhHQbGbqF-RCwNvUy2limpFdh2135-zo_zfEh3p_idXNvG8nEpKimhZzTPOvOlNx_aa5DMDuGc&sig=Cg0ArKJSzDkCzlZ1tsuVEAE&adk=904183767&tt=-1&bs=1600%2C1200&mtos=1015,1015,1015,1015,1015&tos=1015,0,0,0,0&p=107,436,197,1164&mcvt=1015&rs=0&ht=0&tfs=5&tls=1020&mc=1&lte=1&bas=0&bac=0&met=mue&avms=nio&exg=1&md=2&btr=0&cpmav=0&lm=2&rst=1596465458695&dlt&rpt=238&isd=0&msd=0&ext&xdi=0&ps=1600%2C6579&ss=1600%2C1200&pt=-1&bin=4&deb=1-0-0-11-5-10-10-0-0-0&tvt=1017&is=728%2C90&iframe_loc=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&r=v&id=osdim&vs=4&uc=11&upc=1&tgt=DIV&cl=1&cec=1&wf=0&cac=1&cd=728x90&itpl=3&v=20200731

Requested by

Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:39 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK prebid3.23.js Show response
pr.realvu.net/ 197 KB
61 KB 226ms
225ms Script
application/javascript 52.45.140.238
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://pr.realvu.net/prebid3.23.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/flip/2/c=E5NS_f=site_si=1407
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.140.238 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-45-140-238.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:40 GMT
Content-Encoding: gzip
Last-Modified: Fri, 31 Jul 2020 15:53:08 GMT
Server: nginx
ETag: "5f243e64-f337"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=43200
Connection: keep-alive
Content-Length: 62263

POST adreq
ads.servenobid.com/ 0
0

POST translator
hbopenbid.pubmatic.com/ 0
0

GET cygnus
as-sec.casalemedia.com/ 0
0

POST v1
prg.smartadserver.com/prebid/ 0
0

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7B5E 0
0 37ms
36ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460; Version=1; Expires=Tue, 03-Aug-2021 14:37:41 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596465461|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 14:37:41 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 14:37:41 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 9D15 0
0 36ms
35ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460; Version=1; Expires=Tue, 03-Aug-2021 14:37:41 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596465461|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 14:37:41 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 14:37:41 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 5D8F 0
0 36ms
35ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/pb/resources/scripts/prebid2.41.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.190.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=e31558e5-75b7-420e-989f-cbc513e3a26b&gdpr=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=bd124d54-c9e5-4f32-bb66-1a136050e7cf|1596465460; Version=1; Expires=Tue, 03-Aug-2021 14:37:41 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1596465461|gekin0vNiygu; Version=1; Expires=Tue, 18-Aug-2020 14:37:41 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.190.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Mon, 03 Aug 2020 14:37:41 GMT
content-type: text/html
content-length: 418
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 pmk-202002191.24.js Show response
widget.perfectmarket.com/cox-network/ 111 KB
30 KB 24ms
24ms Script
application/javascript 151.101.113.181
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/cox-network/pmk-202002191.24.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/cox-network/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.181 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: ei3mj3MCMsmfeLhxEHizVjAML_x7dBYM
content-encoding: gzip
etag: "7c53f5a4bb6d69f0e058c85d17cbe74e"
age: 11944159
x-cache: HIT, HIT
status: 200
content-length: 30933
x-amz-id-2: 0tXChLZoXOLqzyrlHSKx+d7VFfo9mbexieUmSBxMcRB/Z0meSzHQNYqZGW+g0N42Owyd9u/tNzY=
x-served-by: cache-lax8651-LAX, cache-hhn4060-HHN
last-modified: Wed, 18 Mar 2020 08:48:22 GMT
server: AmazonS3
x-timer: S1596465464.388532,VS0,VE0
date: Mon, 03 Aug 2020 14:37:44 GMT
vary: Accept-Encoding,,
x-amz-request-id: 6A7CB9547A1656ED
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-cache-hits: 15411, 6

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washing...
https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washin...

0
528 B

37ms
37ms

Image
text/plain

23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=7&c2=13739933&c3=20121515121&ns__t=1596465464389&ns_c=UTF-8&cv=3.5&c8=How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system&c7=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:44 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 204 social
trc.taboola.com/cox-kiro-tv/log/3/ 0
204 B 34ms
33ms Image
image/gif 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/cox-kiro-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=21dacf447799724655cad599fc014737&sd=v2_178907563c19ff8e74c79ec33e54666b_b469383c-6bdf-4832-8b66-b2a8059cd6d0-tuct621a6b1_1596465457_1596465457_CNawjgYQ4ZA-GOjRhqa7LiABKAEwKziy0A1AuogQSPDb2QNQ____________AVgAYABo4qaqkbKtl-Jw&ui=b469383c-6bdf-4832-8b66-b2a8059cd6d0-tuct621a6b1&pi=/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system&wi=-4312527434450252827&pt=text&vi=1596465457384&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22How%20hackers%20are%20stealing%20hundreds%20of%20millions%20of%20dollars%20from%20Washington%E2%80%99s%20unemployment%20system%22%2C%22sec%22%3A%22%22%2C%22aut%22%3A%5B%5D%2C%22img%22%3A%22https%3A%2F%2Fcloudfront-us-east-1.images.arcpublishing.com%2Fcmg%2FDF7LUBGFVANPTYKOOV6SRGBSCM.jpg%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=16%3A37%3A44.442&id=4750&llvl=1&cv=20200801-2-RELEASE&
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Mon, 03 Aug 2020 14:37:44 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
status: 204
x-served-by: cache-fra19134-FRA
pragma: no-cache
server: nginx
x-timer: S1596465464.459424,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H/1.1 200
OK showad.js
ads.pubmatic.com/AdServer/js/ Frame CB65 0
0 35ms
34ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KRTBCOOKIE_1101=23040-6856766948521998483; PugT=1596465462; PUBMDCID=3; KRTBCOOKIE_336=5844-1154198578937724094
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Last-Modified: Sat, 01 Aug 2020 14:58:34 GMT
ETag: "13006b6-94fd-5abd223c2ac92"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 13837
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=156826
Expires: Wed, 05 Aug 2020 10:11:30 GMT
Date: Mon, 03 Aug 2020 14:37:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK ixmatch.html
js-sec.indexww.com/um/ Frame A559 0
0 29ms
29ms Document
text/html 23.210.249.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

Server: Apache
Last-Modified: Mon, 19 Jun 2017 19:18:19 GMT
ETag: "74087b-112-55254ff6699bb"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 211
Date: Mon, 03 Aug 2020 14:37:44 GMT
Connection: keep-alive

GET
H2 200 sync.html
public.servenobid.com/ Frame 1E8C 0
0 74ms
24ms Document
text/html 13.35.254.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://public.servenobid.com/sync.html
Requested by: Host: pr.realvu.net
URL: https://pr.realvu.net/prebid3.23.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.35.254.61 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-254-61.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

:method: GET
:authority: public.servenobid.com
:scheme: https
:path: /sync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
content-type: text/html
last-modified: Tue, 28 Jul 2020 16:59:16 GMT
server: AmazonS3
content-encoding: gzip
date: Mon, 03 Aug 2020 12:23:13 GMT
cache-control: max-age=86400
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: J41fJvXKsro0Ma7xc8NwjT4xyh_hm9VTCN5T5mn5wcvlb8RVmXCUZQ==
age: 8072

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 122ms
122ms Image
image/gif 52.44.69.185
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=kiro7.com&p=%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&u=BfoPxGCrXbSADi3EZV&d=kiro7.com&g=31585&g0=news&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=6579&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2440&t=CktepoDVpG5PF3LPNk-mzuEAgHm&V=120&tz=-120&sn=2&sv=C_50eAB93v2JC2NK9iCVO_TzCoK0KB&sd=1&im=067b2ffa&_
Requested by: Host: www.kiro7.com
URL: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.69.185 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-69-185.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Mon, 03 Aug 2020 14:37:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 wxwidget.measurement.js Show response
widgets-green.media.weather.com/chunks/ 2 KB
1 KB 32ms
7ms Script
text/javascript 2a02:26f0:6c00:181::3282
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://widgets-green.media.weather.com/chunks/wxwidget.measurement.js?v=32fc4b97e2c206e3a91b

Requested by

Host: widgets.media.weather.com
URL: https://widgets.media.weather.com/wxwidget.loader.js?cid=138459890

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:181::3282 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

nginx/1.16.1 /

Resource Hash

ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: nginx/1.16.1
status: 200
etag: W/"8d8-w3oHgFZXhvm52E/hPRrBHj8QoTg"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=54317
date: Mon, 03 Aug 2020 14:37:54 GMT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 969
expires: Tue, 04 Aug 2020 05:43:11 GMT

GET
H/1.1 200
OK cs.js Show response
sb.scorecardresearch.com/c2/32816940/ 0
400 B 41ms
40ms Script
application/x-javascript 23.37.53.17
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/c2/32816940/cs.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WJW4B46
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.53.17 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-53-17.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 03 Aug 2020 14:37:54 GMT
Content-Encoding: gzip
Last-Modified: Fri, 08 Apr 2011 23:11:26 GMT
ETag: "d41d8cd98f00b204e9800998ecf8427e:1349196464"
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=259200
Connection: keep-alive
Content-Length: 20
Expires: Thu, 06 Aug 2020 14:37:54 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 7 KB
6 KB 30ms
19ms XHR
application/json 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2020072701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38bef824a4f7af7c2c47ade85a220974cf0702f1b90b373e28d97ea3ebdec68a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 03 Aug 2020 14:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 5699
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 14 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1591403518460474"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5540
x-xss-protection: 0
expires: Mon, 03 Aug 2020 14:37:54 GMT

GET
H2

200

1
twcimaxweb.112.2o7.net/b/ss/twcimaxweb/
Redirect Chain

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?pageName=www.kiro7.com&v3=138459890&events=event1
https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

43 B
0

42ms
42ms

Fetch
image/gif

15.236.175.233
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.175.233 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

jag /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 03 Aug 2020 14:37:54 GMT
x-content-type-options: nosniff
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 04 Aug 2020 14:37:54 GMT
server: jag
xserver: anedge-7447d85976-dqgmq
etag: 3428383500096864256-4614368369227322809
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://www.kiro7.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 02 Aug 2020 14:37:54 GMT

Redirect headers

date: Mon, 03 Aug 2020 14:37:54 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.kiro7.com
x-c: master-1315.Ia06625.M0-426
p3p: CP="This is not a P3P policy"
status: 302
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Tue, 04 Aug 2020 14:37:54 GMT
server: jag
xserver: anedge-7447d85976-zz4zb
content-type: text/plain;charset=utf-8
location: https://twcimaxweb.112.2o7.net/b/ss/twcimaxweb/1?AQB=1&pccr=true&pageName=www.kiro7.com&v3=138459890&events=event1&AQE=1
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Sun, 02 Aug 2020 14:37:54 GMT

POST
H/1.1 204
No Content /
684dd308.akstat.io/ 0
354 B 422ms
394ms Other
image/gif 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd308.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2ARQK-4FEY5-2C44D-9TAQS-ZHZL7

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Mon, 03 Aug 2020 14:37:54 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.kiro7.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Mon, 03 Aug 2020 14:37:54 GMT

GET
H2 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame E141 0
0 6ms
5ms Document
text/html 2a00:1450:4001:819::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/210/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
content-length: 11302
date: Mon, 03 Aug 2020 14:37:33 GMT
expires: Tue, 03 Aug 2021 14:37:33 GMT
last-modified: Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 21
alt-svc: h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
57 B 40ms
39ms Image
image/gif 2a00:1450:4001:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gpt_2020072701&jk=2926558707364091&bg=!a2ilaHBYcXoPIFvxOnMCAAAASVIAAAAPCgA2Mq-7Fkvrki2mc04nl6yqqUlSSJdOUmpFzmyFeWxAmvMwqXkKEKupS44gW6w6VUzOSiFn9tZ0mQGEB5QqHd5fELM2N_vO2jGIB_WLJBB3v9OTNU9wC2C9nNIvUzTyfBc0s7ytEe3H-kcPp4_vduUGSQ3TuMS7XsG5lQoLHQuLftNkQ82b8FLUHM0FLq9M5GiqyQg-nfvCdsCb3lEalYxFkkuUWurVRDBUKq8oCY8MC83q3b5Ga7og14h5FUExyLy9a9IbBwW_ddSEmtoB5cIPDvc6YmHCtHzl7OfG5tkz0o1107-f_1YAbids1nG-hDi25glAxfrO4BkWal5D2KPKKNACVM54TDdCVOKzsvlFt1lvNNlRji_9TvZH7jb3E2W7z_CWW1hIEt08pUyefMtdL62_Z53wp59PF1UCdDZiyOf0xsRyCIfaVpNlaF0a-sNGqWomk31oDJnWtoFm1lcJDToLuoNQya12MPhaKZpramkvqZJXU7BOkc66yw1wFCYB_izUEFx73X77UclHmLOtPydWJFF4Z7d710QQfe3k8AWFxLp0QE8ReTE1lwu2yElYwNfOjFc2fmPEWOeIAA

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 03 Aug 2020 14:37:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
am-match.taboola.com/ Frame 53ED 0
0 36ms
35ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/2.1.3/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: am-match.taboola.com
:scheme: https
:path: /sync?dast=V7CYECFgP6xkUF09cpaQT6xkUF09cpaQUAAAAGBvQHGkXYDJeTyWIxWA5Wm91ushoud5PVbLcYwkYRNsPlZLJYDJaD1Wa3WyxWm-FusJstJ1NYMZbLZFALJCyz33dQUE5Pj9llEBVdb4vd4TR7Dmo1w_IxGiSDxW4Ne2g6HT7XvV7rtPx9c43f7Ze6PJ-XW-q3uzx_od_3Fjo8Xpfl81ZYXm7N6eUwO-0-t9B1N1leJs9bb3OrnWaz02_3vPU2t8hvNjssn7fM8ne7dQ_P0Wn3mf52t-ruchvOfufbZTe9Nc_P6eX2ywEAAADgAUAJcxviBxAAIAIAAABAAgAAAIAioOLfQuACAAAAAAOAgGtLA-CZY2EdTs_L8nD9PKd_AAA8FIAAAAwokAAI_NWUAHhQLJ0AAAAAAAAAALD8____xwDkXafIAGRoBfUAPPgAPBAVVBYxAgAAAMjlfF07mtQJlUUVAABBuhXAFQBAwBxt8GpEGAAAgMDYAj0sfr_ZYdf43S4DAAAAAAAAADD7P_tHE_JBsU8DulfoUfsFBABY-wUEAGBTNwCANwG4oCNoxWCwOgLaDCazAwAAALj7____1wOJ3XA52K1mm41jObMZV77RxrdceTyblWs0m80m3iNEEDVvM_5k72sRltnvOygop6fH7DKIiq63xe5wmj0HtZph-RgNksFiNxAfNAzLySCY34QtRqvJZLMczpaLyWA4Go5G-xPAzQAnaDgcLHaDxW6xGE4Wk9FgOVigQAwmOCHD0WayGu1Wu8lyOBmNZpvJBilatZqNNoPhajaZ7Xar4WC4HI2QojWL2WSymI2Wu81gORkNhpPhEGHENFtuhpuNWzYx2dyi4WayFk5ss7XEsjAOVsuNyTYyrEWvj-k2WSxsE8cWBQP29iK4SCcav_GtdVr-btHtIpZoThbpRHbZN3bD5WC3mm02juXMZlz5RhvfcuXxbFau0Ww2m_grptlyM9xs3LKJyeYWDTeTtXBim60lloVxsFpuTLaRYS16fUy3yWJhmzj2jdVyNpqtRqvdvrFazkaz1Wi123foDN_V52yUpg22jk-1FB0P35jpoHAZLN6X-nQeFowF6-9zdAolimVRZ_T7_X6_3-_3-_1-g9ZzMBsUvmnxcHwtXtLZLeVdxBLB6SKdiF7G00UskTwt0olkMXJ4bKbRbrdc7iaj2Wq1cZhcy-XMY1iMdpvdRCxRmi7SiV7q8nxebqnf7vL8hX7fW-jweF2Wz1thebk1p5fD7LT73ELX3WR5mTxvvc2tdprNTr_d89bb3CK_2eywfN4yy9_t1j08R6fdZ_rb3aq7y204-51vl9301jw_p5fbov7jQwxXc8VqNlfsVnPFYLdKAAAAAAAAAABLmDJvAgAAAHAaxGwz2-yWC_CAGKYLDAIAAAAAALBLbDJdknq3VF7c-PHC-I1vrdPyd4tuZ97smSDWarWsAQAABLABAAACuHXzFhAWAQ!&excid=22&docw=0&cijs=1&nlb=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.kiro7.com/jesse-jones/how-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system/

Response headers

status: 200
server: nginx
date: Mon, 03 Aug 2020 14:37:58 GMT
content-type: text/html;charset=ISO-8859-1
machineid: 3402

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501256&size_id=2&alt_size_ids=55&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=ee38208f-af1b-453c-9704-29b91408aaa5&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.36047885462437823

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501270&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=f184384c-ffe5-40fb-9205-152e48a09391&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7063412149047283

Domain: fastlane.rubiconproject.com
URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=21718&site_id=297328&zone_id=1501260&size_id=15&rf=https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F&tk_flint=pbjs_lite_v2.41.0&x_source.tid=2d6fd47a-dbab-417d-b3bf-432d790ce804&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.25128121214922405

Domain: ads.servenobid.com
URL: https://ads.servenobid.com/adreq?cb=7559

Domain: hbopenbid.pubmatic.com
URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client

Domain: as-sec.casalemedia.com
URL: https://as-sec.casalemedia.com/cygnus?s=518771&v=7.2&r=%7B%22id%22%3A%2250621e5ecafe48%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2264b556bad241b7%22%2C%22ext%22%3A%7B%22siteID%22%3A518771%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.kiro7.com%2Fjesse-jones%2Fhow-hackers-are-stealing-hundreds-of-millions-of-dollars-from-washington-unemployment-system%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22durationmedia.net%22%2C%22sid%22%3A%2221851507967%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D&ac=j&sd=1

Domain: prg.smartadserver.com
URL: https://prg.smartadserver.com/prebid/v1

Verdicts & Comments Add Verdict or Comment

303 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

16 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	(Line 1) Message: digioh fired
console-api	log	URL: https://membercenter-sdk.cmg.com/sdk/main.min.js(Line 311) Message: [MemberCenter] SDK fetching tenantConfig
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[970,90],[728,90]],[[728,90]],[[320,50]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250],[300,600]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[300,250]],[[300,250]],[[300,250]]]
console-api	warning	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2020072701.js(Line 6) Message: Invalid GPT fixed size specification: [[[1,1]],[[1,1]],[[1,1]]]
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Unable to parse JSON-LD tag. Malformed JSON found: ' { "@context": "http://schema.org", "@type": "NewsArticle", "mainEntityOfPage": { "@type": "WebPage", "@id": "" }, "headline": "How hackers are stealing hundreds of millions of dollars from Washington’s unemployment system", "datePublished": "2020-05-22T00:45:56Z", "dateModified": "2020-05-22T00:45:56Z", "articleBody": "Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response.“Someone else had used my social security number and it also showed a strange email address,” says Dawn.Dawn is one of a growing number of victims of "impostor fraud" through the Employment Security Department, which administers unemployment benefits.ESD would not give precise figures, but now admits tens of thousands of fraudulent accounts have been created, and hundreds of millions of dollars have been paid out to impostors through May 21. Those numbers are for Washington alone, and may rise as more individuals and businesses come forward to report fraud.Federal investigators appear to be focusing on a cybercrime conglomerate in Nigeria. Armen Najarian, Chief Identity Officer with Silicon Valley-based internet security company Agari, has been tracking them, too.“They’re very good at what they do and they’ve been doing it for a long time,” says Armen.Agari has connected more than 140 of the first 700 fraudulent unemployment claims in our state to a Nigerian cybercrime group named Scattered Canary.“They’re diversified. They have a number of lines of businesses. One is business email compromise, where they might impersonate a CEO reaching a CFO asking for an urgent wire transfer,” says Armen. “They’re involved in real estate fraud scams where they are diverting a payment or mortgage transfer.”Armen says the group has found a way to have a single scammer obtain, and then use, hundreds of Gmail accounts to fraudulently apply for unemployment benefits using stolen social security numbers and other personal information. He adds that the Washington Employment Security Department’s rush to pay applicants may have made things easier for the thieves.“The law of unintended consequences, right? What was intended to be a pro-citizen policy has perhaps been exploited because maybe there wasn’t [sic] the in-depth verification checks that have existed if it wasn’t more locked down,” says Armen.The Commissioner of the Employment Security Department says additional measures recently put in place have blocked "hundreds of millions" in additional fraudulent claims, but would not explain how she got that number.Mike Hamilton, with the Seattle-based internet security company CI Security, has also been following the Scattered Canary developments. He believes American authorities may have to consider new incentives for countries known to harbor cyber-criminals, to prevent those groups from attacking american targets.“If we treat our logical borders like we treat our physical borders. and say you can’t control all the crime in your country that’s sucking money out of my country – great! We’re going to cut off legitimate business at the border router and we’re going to let your business community howl at you until you clean up your problem,” says Mike.And that could help cyber crime victims like Dawn get the benefits they desperately need.“It’s hard because I’ve gone through a lot of money on my own when I could have been receiving unemployment,” says Dawn. “A lot of savings for my retirement, so I’m going to be working when I’m 80.”You can check out our previous reporting for a checklist to see if you’ve been victimized, report the fraud, and protect your identity.UPDATE: Washington’s Employment Security Department says the Department of Justice is leading the fraud investigation. Here is a statement their Seattle office sent us after our story ran:“In any fraud investigation and prosecution, our focus is on finding and securing the proceeds of crime, so that we can return them to their rightful owner. This investigation is no different. A team of federal law enforcement agents is working hard to identify, and recover funds from, accounts that have been used in this fraud. Last week, a diligent financial institution, with which agents were working, was able to prevent $120 million from being distributed to criminals. Agents are assisting in recovering millions of additional dollars, with assistance from scores of other banks and credit unions. I commend the Social Security Administration Office of the Inspector General, the Secret Service, the FBI, and the Department of Labor Office of the Inspector General for their quick and urgent work to reclaim these funds and other criminal proceeds that we are working to identify.”See the rest of our reporting on Washington’s unemployment crisis:Victims of unemployment fraud have assets frozen by bankImpostor fraud continues: Seattle man's information used to apply for unemployment benefits in three statesScammers swoop in, swipe Washington unemployment benefits – and how to protect yourself if you're a victimAt least 55,000 people in Washington wait for unemployment decisionsDelays, denials as Coronavirus fuels demand for unemployment benefits", "author": [ { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } ], "publisher": { "@type": "Organization", "name": "Cox Media Group", "logo": { "@type": "ImageObject", "url": "https://www.kiro7.com/pb/resources/images/cmg_icons/kiro-logo.png?token=123", "width": 152, "height": 60 } } }, // will be empty for branded publishing "description": "May 21, 2020 Dawn Gately’s hair salon in Port Townsend has been shut down for months. When she applied for unemployment benefits, she received an all too familiar response. “Someone else had used my social security number and it also showed a strange email address,” says Dawn. Dawn is one of a growing number of […]" } '.
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://www.kiro7.com/pb/gr/c/default/rF4EmW1Kh2SsUr/arcAdsJS/84612eb819.js?v=95(Line 1) Message: Bid Back Handler [object Object]
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: Scanner Online
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: TypeError: Cannot read property 'replace' of undefined
console-api	log	URL: https://includemodal.global.ssl.fastly.net/pw.js(Line 2) Message: TypeError: Cannot read property 'replace' of undefined

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

15.taboola.com
3aa13c75fe4cbb2507c9f773cfbf13bd.safeframe.googlesyndication.com
684dd308.akstat.io
aax-eu.amazon-adsystem.com
ads.pubmatic.com
ads.servenobid.com
adservice.google.com
adservice.google.de
am-match.taboola.com
am-vid-events.taboola.com
as-sec.casalemedia.com
c.amazon-adsystem.com
c.go-mpulse.net
cdn.taboola.com
connect.facebook.net
coxmediagroup-d.openx.net
d2s8wlbatk24s7.cloudfront.net
eu-u.openx.net
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
ib.adnxs.com
images.taboola.com
imprammp.taboola.com
includemodal.com
includemodal.global.ssl.fastly.net
jadserve.postrelease.com
js-sec.indexww.com
lightboxapi.azurewebsites.net
log.outbrainimg.com
mab.chartbeat.com
member-center-api.cmg.com
membercenter-sdk.cmg.com
pagead2.googlesyndication.com
ping.chartbeat.net
pr.realvu.net
prg.smartadserver.com
public.servenobid.com
s.go-mpulse.net
s.ntv.io
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
trc.taboola.com
twcimaxweb.112.2o7.net
use.fontawesome.com
vidstat.taboola.com
widget.perfectmarket.com
widgets-green.media.weather.com
widgets.media.weather.com
widgets.outbrain.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kiro7.com
www.lightboxcdn.com
ads.servenobid.com
as-sec.casalemedia.com
fastlane.rubiconproject.com
hbopenbid.pubmatic.com
prg.smartadserver.com
13.35.254.61
13.89.172.6
141.226.228.48
15.236.175.233
151.101.113.181
151.101.113.194
151.101.13.44
172.217.16.130
172.217.16.194
2.16.187.65
23.111.9.35
23.210.248.65
23.210.249.164
23.210.249.92
23.210.250.13
23.210.250.44
23.37.53.17
2600:9000:2057:7000:18:1fcd:34e:d2a1
2600:9000:2057:9000:d:77c3:2dc0:21
2600:9000:214f:1000:a:588b:e680:93a1
2600:9000:214f:c400:16:b34:fdc0:93a1
2606:4700::6810:51a5
2a00:1450:4001:800::2002
2a00:1450:4001:801::2003
2a00:1450:4001:808::200e
2a00:1450:4001:816::2008
2a00:1450:4001:819::2001
2a00:1450:4001:81b::2002
2a00:1450:4001:81d::2004
2a00:1450:4001:81e::2001
2a00:1450:4001:81e::200a
2a00:1450:4001:81f::2002
2a00:1450:4001:821::2002
2a00:1450:4001:824::2003
2a00:1450:400c:c06::9b
2a02:26f0:6c00:181::3282
2a02:26f0:6c00:185::3282
2a02:26f0:6c00:192::11a6
2a02:26f0:6c00:19a::11a6
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
2a04:4e42:3::714
3.128.54.90
35.244.159.8
37.252.172.249
52.44.69.185
52.45.140.238
52.95.123.167
54.183.239.235
64.202.112.159
99.86.0.120
0019dfc4b32d63c1392aa264aed2253c1e0c2fb09216f8e2cc269bbfb8bb49b5
0082f52bee45e11a98243053d63ec5d29b47f138254e0f87253da0d06ccd9d9b
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0533256b047eccb48e0ea7bef7a32cb48afaf011c65b74e604dae529709f5747
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
0b9028c7ecccf4f31fafcfca176cd6ed38197d7b3d6ea4c107b98af8eecc525b
0d9fd7ccabde9b202de45ee6b65878ce9594975d8e8810b0878d3f3fa3637d0e
0e6dfa442177b789845d0ccd6d0ee0123d1cd971aec7da66f9ee0baef2bfd953
0ea3f6d3b31e9c24d77d1466de04df3b9a3317171ea8d9514e2de1119abcf566
0ecd9f5bb492be71e3aacc8ca4f170c8f9890242a25e2c6ec9a42f13561b028f
10498af6ea08b4401b0e3c94f8795cfc55859c762614ab9c7e6a6d1021fa3fb6
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14e374776a27e3fe5d16e10041c4028fb3cb216e622a0fcfce35b196e8d7647c
15222558c59d8869576c6579a2b115258dc1a73efbdd38eafddd044a92756768
1ada6cba8fa53b338e731e5e8813a53ed00637c9b6a44ce728e34c46959120b1
1c5fc6075edb20483422f165da4de1b91338d187cc65b6f66afed3f0eb9684cf
2365d7136ba5d04b4a90eb5f54a6f6fb94127cbb2bbafdcbccdb1f5328c2ed9e
2cd1e3308865283a667753286478b9f487d5d1734b34746e725e5f7140b7136e
2cdc0eccfb048983df117662b71b766038f80c63d48594277595cbc3052e0872
36ad80a8bbf3902b110f7c30e7f1573bf449fb2cf7bbf9bbada7e6c93662a833
37c950ed2fef062f761b7b2e4c8d4f230718b3824fe8b2be6cc714b83b55b01b
38bef824a4f7af7c2c47ade85a220974cf0702f1b90b373e28d97ea3ebdec68a
38db8016c9a71b8590311347a397e56764effd444da1db744884e551a48fefe4
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3cd39cb32bd2edb00a2f3b7d724fd4c7d7f09f4b2e5885bbc86b9b37fb1d96a7
3d85f73737f002750bde0de3a6cab67046cf5dd45000e5cf451f63accfdf1e5a
4749f95d6ba82bfeefaf03591643f873461c42ad2e0e973b21ace71c41bbfc81
4780a9eb5233f4e1110fd7d9fb439ceab6f5ef7fb480f9ca3068ef7220332c31
4d0130d314f1669c9ea5a911d401d6250f96386a52b0c38f7b3fb43cdcd10589
4e058533c50c48b051e0e92b9cde871229291c44f7de01a45932bd1a9fa660d4
5108ccd81bd97893d37ce90a21fe218bb3fdce67ee6e8a0616323b34ab2ee7a1
5248473fe39fc26c6daafdbef959b193dd0e85f32beff8d71e24af8de43c0b14
558927ad5d1d06e0802f36ca4ab513a74d6cc3cf03187dc6ec163327f21c6919
57514090aa4e30755dfb478a8e596474b2c1dcb0c4258a6a2b324853d73840e4
5c7df99df232586111917083a85aa31b82ee29e48ca2990e13fae0c0663a923f
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
64174c77b5a80870cf978e69f024e86c45f235a3f59c7041010074031b9fe2fb
66832b39317001dc90abc0da65a9950475b0d3f2d31a2597c1482fae609c08ef
6718a07fa13fa05273a15a3442277d187b1b712d9eccef98fba120ef9442e975
678411243c99862b378011c1c8ce74be91ccf15481b2eb8d7596d88a7439a67f
680168566ee9750e5db2b29af40845da0bf6ae8a6647f71f2feaa85948b6499d
68632f1c4edadde25df7c227f597bc41ec7c9a019cc6e0196d7060907e10b298
6a21dcfd78c871e15b508485486dc0ac1133b20d9b98ac0c0fd9f3ae32b58161
6a444d01ae90ffe2ed89f55b35ac2f606ee4a8f0c06e0784d3a401be7e79d034
6a6a77d4af8485f801196e0abb887d745c1ebaf38df310027cf720ad7517e9b2
6c8a38e7a5cf21c2e725e23283a36abf4de52b1e994d37d5a5fbace8d212364e
6ed50daf4c2153bb4cf9525af6c183257c0529730b353892d98af55f653f0dcc
7183c63341a2b365ecdb3ccc70ef4c95eae74e4bfaae7e8df6b809b9a5f007d2
7301462cb27dcb0cf467822211f6cdd478be091ed9d776b29f426ce78c4a414f
745f4b11e491de328e1088fb94e7c5f3e7ee943369af5e3364776de7a87e86f9
766b5a644b14c4ba0728186856569abab6071a413bda610fff5a87bb4e7e4218
77eff823bfb895038c13cee3cda8bb2535aac178145763f9e21156d7072b18e5
79cf058fe61429a23dd4fe831fb68769c6bff837fee81b7015a6278622ece51e
80f5317ac5620c70618497fb3930ca9d235971a466e99b5b0c2b590489228afd
82065f13e759bc37e30a66afa04d925bef8f4d232811f749a3d60408c40661ab
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
854a8fe51d28727c66b6c669749470ee004e287c23a7f29c7085e7619d5c8b16
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8ac81845bd64dfcbf434dc4e697130c045d294b75d4335d989239c0cab1719cb
921dc7697fdde21fbeb8b1d305a491f670af0883df8d8fb10f76dd151f1e195a
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
930a3fd7f254f3bb339528ae7f05669aa8faa93ef0fe2eaaae7af7cc66b6a5ac
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
9924de65dae7767c2d8ac914a04e01c80f21e0296ccc943b220aa559dc28c995
9c088796f9990e19374762ed19b3101f2ce74f08dcff8959c260f6a596adcbc9
9c3304c0c82663f30f68b0eaa367a0e284fca6ed5ed9435c61a5112c83ba9bd2
9d6775f96b398119dd2519629eaebad2ef2475d71375d7bca6f08a1bbfbf3826
9f028d6dc716d2a125d7e1a97a01b06db849c673f68590f50520055276798788
9f0f1d8b888e34f5853026208521d033a64867c561c837c113e6289a2bb0b5ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a09a8573d1a6a838bac438cf3f9181088247dc9b7eca5cc47ab368f001d5cebf
a144a0ddb054805ab87d8603010836d660aa41bef7a38d962781cd3af6c4e864
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a489da137c52471d00bcf24ce4d6ac81e6798419f0ac07f4828244498942f6cd
a573a447abaae8b55fc53b84dcb7c0be93c1ab5a6226384c3b35787f0ccddce7
a68a70f7be9281f3f7148b38d7f5971f1dc946d3034a40e55021d0fb6fb78d73
a8e2048e0f1fc3b956d7685ba714e75cdbc52886dbd69d0e2d272668ffa918c8
ac548acfa55077b067d2ea4132a77965937a526d9757f570273541232c021651
b354cb22c436ea8ed0637a35e9da56f06f7d84ae2912f87a54b680bc06388d3c
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b6664030f7bc5deb4fcd12b1af12172912f0e437fd1f91179895aaeadaf529f2
b67b0f1771650f302642d45e7f9aacc8f93ad163d316b43dd98721193102f300
b77845c2050a7ffe65bfa833bca905b80608b1b9dd433090b391cdde8de4f2a4
b7c75ced414597a228d7dcb267cc769ce75fed381b3b6eda6b6397eec4052f13
b8bd830f3757aa64431697b39faa92cda6bfb040be54c4337356f1eb179ab814
ba607af2c8d414ab6d4bac90c526d90a939cb0adf507b6ba063265347479159d
beb713130ffd6c0d3e827e036c9112623aab43051600265708f574b1800c7d54
bedea1f8cf80a5ec83f5129f2ebe6dbb3bd2abe6f63d996974abc30f5c08ea84
c0883d747f2f0715eabe46219a1ccfc1a366c06d71cbf62ffae9abd2674235ad
c1acfa727754dab58bedc79995a642e235c6fde6449824c4fba4318fc060c91c
c2c402361bd7cb9fc369974c8ebd8c1ee61be5006f0d0bb84b40d7fb3cff8a29
c3c816e688e1dc01d297a87071ea3d920cc21366eb4407b57b3df30a2ff18157
c6f8b9c3089e1462473b0344b095a0b242e10ef4e8a70efa4015c867c65ece82
c78b763ffb87074091fff5dbe0906f06afcf945430a438f364d89e344ca8d33e
c8f3edd64e567835915eadd8fd2dc788e95ca891f64bb424b7a3083801da3581
ca7df3a16649aa4c0a68e44c8256882465a546a30fcc50f45229778d66b59b5f
cbdd20706135f61957fc52135a64586fa2a836d06f9fbba78f973c7ba96b5fba
cd77ab73113b7c9e7b3ff1c037d14854bc45dcd5e5e22c84fc945827b11d4665
ce897833ac6e362df7c91ac8223fe511c6defcf33964928a81004600a2dd4c2e
cedb397b90b34513144fdc38df337ca77ed53c128544b4df435d455eb9c6d9d3
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0aec1b0c7e65096d212a9054ed81197dfb701f3ffb429e0a2dd0e8cca109476
d20beb8bd7c6778095f019514f2008592a9c74a5204bb4b5993bcd10ee38ba4d
d46e24bc27d15994c2a1f38565953996bcd518d5d3b3f1501b3cb4b58e3626ef
d5bdb7da1ec534bd29701bbfdbc259759cbc50ce9616eedfc5cc5d48636d05a7
d701f1aeeca64b8b1deacc747a73af64c787d04fc83403663461e9c8cd045884
d8f1c105623165e8a632ee84c28863aa6ad5b4fb21b5f558ac4acf437a6d5517
e212e3161632a4224e3e49b5af5d23622235d08db416499aa4c24aa2c83a9ca8
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56ce6a9217ef5d350cbff4f936b54330265c12481627a604b20567e5fc7ca2e
e8ae3545f316d09f64ed38a4ed1bd24e50008a50920000e0d7506bc6c2bf1d5c
ea1321d511a75cd158b307b8c4480f91f84f802a70a1d0c556ee9663c1fd2028
eae9a47e21c5ee85ff399eaad4b19500b00f68338dcf8cdcb7be3c89e83f54e8
ec0bb06f6ba18c932ed710f0bcd823c25c101580538df3f5bc05a30c177fa8d9
edf6ab3553d76573e5d5939c0c4a3ada737c98ee962379b25cbf23c96f17d732
eecdf607f41793e61a58937f215d9b1192888fc67ba525b041b05f2b3ab9685f
eedb8ef546b6121564bff746c268a3dfe985fcd845c1b1d5a0112188ce2017dd
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2df53bc079789db6b2b39dcba23a22c89211ddef35cd8a8919bac79d39f8579
f43bf3f9d15653a837639962962c05a36830d8bd86623815eac3da29c7bcc135
f53d6a0404e5b3dda3559494d9e21c682feee793a0e8a3e3f8fdf75c53974123
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f9d75feb18941875349eab4daaa63e1f7992ed9c3f774d99648b20351908a496
fa44b74a77714d909c063e148f48d8c6ee818985a299dd9b408d40a50c209bab
fabbb74833cdd9063a2219ddd3240bb4f71a499e8838ec1d90e396548afc9d56
fbb0e86ccce48b6e3624ebec3313ede4b3a5fce48047f324267f65110b40acad
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955

www.kiro7.com Open in urlscan Pro 2.16.187.65 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

181 Requests

96 %HTTPS

49 %IPv6

43 Domains

65 Subdomains

51 IPs

7 Countries

3205 kBTransfer

10064 kBSize

0 Cookies

34 Outgoing links

Page URL History

Redirected requests

181 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kiro7.com Open in urlscan Pro
2.16.187.65 Public Scan

Screenshot
Live screenshot

Full Image

181
Requests

96 %
HTTPS

49 %
IPv6

43
Domains

65
Subdomains

51
IPs

7
Countries

3205 kB
Transfer

10064 kB
Size

0
Cookies

181 HTTP transactions
2 data transactions