www.kolotv.com Open in urlscan Pro
72.247.179.120 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/#%3A~%3Atext%3D%28K...
Effective URL:
https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Submission Tags: falconsandbox
Submission: On March 22 via api (March 22nd 2021, 10:37:31 pm UTC) from US

Summary HTTP 207 Redirects Links 35 Behaviour Indicators

Summary

This website contacted 39 IPs in 3 countries across 23 domains to perform 207 HTTP transactions. The main IP is 72.247.179.120, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.kolotv.com.
TLS certificate: Issued by R3 on January 22nd 2021. Valid for: 3 months.

This is the only time www.kolotv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	72.247.179.120 72.247.179.120	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a04:4e42::621 2a04:4e42::621	54113 (FASTLY) (FASTLY)
15	2a02:26f0:64:... 2a02:26f0:64::214:84a9	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:218... 2600:9000:2182:a00:b:5584:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
11	23.218.209.87 23.218.209.87	16625 (AKAMAI-AS) (AKAMAI-AS)
5	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1 3	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
2	2a02:26f0:710... 2a02:26f0:7100:1b8::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
25	184.30.25.193 184.30.25.193	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
1 5	184.25.115.49 184.25.115.49	16625 (AKAMAI-AS) (AKAMAI-AS)
1	70.42.32.31 70.42.32.31	13789 (INTERNAP-...) (INTERNAP-BLK3)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	18.218.162.22 18.218.162.22	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
18	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:64:... 2a02:26f0:64:699::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	142.250.185.230 142.250.185.230	15169 (GOOGLE) (GOOGLE)
1	13.226.155.3 13.226.155.3	16509 (AMAZON-02) (AMAZON-02)
34	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	2a02:26f0:64:... 2a02:26f0:64::214:84bc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:214... 2600:9000:214f:7600:7:26e8:af40:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:b000:16:e423:f180:21	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2003	15169 (GOOGLE) (GOOGLE)
2 5	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
8	50.31.142.95 50.31.142.95	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
207	39

6 72.247.179.120 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-179-120.deploy.static.akamaitechnologies.com

www.kolotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::621 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:64::214:84a9 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-kolo-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2182:a00:b:5584:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3agakyjgjv5i8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 23.218.209.87 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-209-87.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:7100:1b8::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
684dd30a.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 184.30.25.193 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-25-193.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 184.25.115.49 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a184-25-115-49.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 70.42.32.31 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.218.162.22 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-218-162-22.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 172.217.23.98 (United States)

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64:699::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.155.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-155-3.dus51.r.cloudfront.net

gray-prod-cdn.video-api.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:64::214:84bc (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

api-gray-config-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:7600:7:26e8:af40:21 (United States)

ASN16509 (AMAZON-02, US)

d1bl11pgu3tw3h.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:b000:16:e423:f180:21 (United States)

ASN16509 (AMAZON-02, US)

do0bihdskp9dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.31.142.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	googlesyndication.com tpc.googlesyndication.com 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com pagead2.googlesyndication.com	292 KB
26	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	6 MB
23	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads.g.doubleclick.net	182 KB
22	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com mv.outbrain.com	163 KB
17	arcpublishing.com gray-kolo-prod.cdn.arcpublishing.com gray-prod-cdn.video-api.arcpublishing.com api-gray-config-prod.cdn.arcpublishing.com	551 KB
15	ampproject.org cdn.ampproject.org	295 KB
8	gstatic.com fonts.gstatic.com	131 KB
7	google.com 2 redirects adservice.google.com www.google.com	232 B
6	googletagservices.com www.googletagservices.com	190 KB
6	cloudfront.net d3agakyjgjv5i8.cloudfront.net d1bl11pgu3tw3h.cloudfront.net do0bihdskp9dy.cloudfront.net	359 KB
6	kolotv.com www.kolotv.com	382 KB
5	googleapis.com fonts.googleapis.com ajax.googleapis.com	33 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	4 KB
5	reconditerespect.com reconditerespect.com	36 KB
4	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com	237 KB
3	cloudflare.com cdnjs.cloudflare.com	99 KB
2	google-analytics.com www.google-analytics.com	19 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	googletagmanager.com www.googletagmanager.com	69 KB
1	akstat.io 684dd30a.akstat.io	202 B
1	2mdn.net s0.2mdn.net	39 KB
1	google.de adservice.google.de	165 B
1	polyfill.io polyfill.io	561 B
207	23

	Domain	Requested by
34	tpc.googlesyndication.com	reconditerespect.com securepubads.g.doubleclick.net www.kolotv.com 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com tpc.googlesyndication.com
24	images.outbrainimg.com	www.kolotv.com
18	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.kolotv.com
15	cdn.ampproject.org	securepubads.g.doubleclick.net
15	gray-kolo-prod.cdn.arcpublishing.com	www.kolotv.com gray-kolo-prod.cdn.arcpublishing.com
10	widgets.outbrain.com	www.kolotv.com widgets.outbrain.com
8	mcdp-chidc2.outbrain.com	widgets.outbrain.com
8	fonts.gstatic.com	fonts.googleapis.com
6	pagead2.googlesyndication.com	www.kolotv.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.google.com	2 redirects www.kolotv.com securepubads.g.doubleclick.net
6	www.googletagservices.com	www.kolotv.com securepubads.g.doubleclick.net 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
6	www.kolotv.com	www.kolotv.com
5	sb.scorecardresearch.com	1 redirects www.kolotv.com widgets.outbrain.com
5	reconditerespect.com	www.kolotv.com reconditerespect.com
4	fonts.googleapis.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	d3agakyjgjv5i8.cloudfront.net	www.kolotv.com d3agakyjgjv5i8.cloudfront.net
3	googleads.g.doubleclick.net	www.kolotv.com 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
3	cdnjs.cloudflare.com	www.kolotv.com cdnjs.cloudflare.com
2	odb.outbrain.com	widgets.outbrain.com
2	10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cds.connatix.com	www.kolotv.com cd.connatix.com
2	www.googletagmanager.com	www.kolotv.com www.googletagmanager.com
1	684dd30a.akstat.io	s.go-mpulse.net
1	s0.2mdn.net	tpc.googlesyndication.com
1	ajax.googleapis.com	tpc.googlesyndication.com
1	mv.outbrain.com	widgets.outbrain.com
1	do0bihdskp9dy.cloudfront.net	www.kolotv.com
1	d1bl11pgu3tw3h.cloudfront.net	d3agakyjgjv5i8.cloudfront.net
1	api-gray-config-prod.cdn.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	gray-prod-cdn.video-api.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	ad.doubleclick.net	reconditerespect.com
1	c.go-mpulse.net	s.go-mpulse.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	capi.connatix.com	cd.connatix.com
1	log.outbrainimg.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.kolotv.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	s.go-mpulse.net	www.kolotv.com
1	cd.connatix.com	1 redirects
1	polyfill.io	www.kolotv.com
207	43

This site contains links to these domains. Also see Links.

Domain
www.graytvlocal.com
gray.tv
www.fullcourtgreta.com
www.circleallaccess.com
www.graydc.com
www.investigatetv.com
www.vuit.com
www.facebook.com
www.instagram.com
www.twitter.com
washoesheriff.com
www.washoesheriff.com
ag.nv.gov
detr.nv.gov
www.snelleofferte.nl
galleries.parentsdome.com
vbhlb.rdtk.io
zonnepaneelofferte.nl
kneefixproshop.com
newzgeeks.net
www.outbrain.com
chansouri-halist.com
couponclub.cc
trck.tracking505.com
www.pchelpsoft.net
rfvtgb.worldemand.com
rfvtgb.richouses.com
www.farandwide.com
publicfiles.fcc.gov
webpubcontent.gray.tv

Subject Issuer	Validity	Valid
gray.cdn.arcpublishing.com R3	`2021-01-22` - `2021-04-22`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2020-11-27` - `2021-12-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2020-03-09` - `2021-06-08`	a year	crt.sh
reconditerespect.com R3	`2021-03-21` - `2021-06-19`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	a year	crt.sh
*.outbrainimg.com DigiCert Secure Site ECC CA-1	`2020-03-26` - `2021-06-25`	a year	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.video-api.arcpublishing.com Amazon	`2020-09-01` - `2021-10-01`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
misc-sni.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Frame ID: 3B6B680D83AB934E193008D5AE76496D
Requests: 110 HTTP requests in this frame

Frame: https://cds.connatix.com/p/109019/connatix.playspace.dc.js
Frame ID: 3681F78EEC903259361B2EFEBD7121A1
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Frame ID: D47CCAEF1E2664F112CD553C8C77DD2F
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 09A88E63066AC5B29FE0E17CD3EF6399
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html
Frame ID: 84BFB6057539A83AA4A6D2DB67AEDB54
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: 9E51974300EBA29A71097A1079D7DF13
Requests: 15 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 258814B9DE8E0BB35F59D37841FDAEF4
Requests: 3 HTTP requests in this frame

Frame: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Frame ID: A5FAA71C7DC5EB8E64932EF88F5DD5FC
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html
Frame ID: A9493F7FE8F576FA409BA033DAA1537E
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 1DD34C11A6681425F48CBE51F7DF8912
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyA-eIz3HSrpdTwKa5ULEFWCnX_UtMpp66Gvpv6xzr5By4t57R6zQ_1DlsJ4Kpi5A_64gVYB2itNM-ZMdRK5bOyq_fggdPdk6CEO3qHJs7sRr836iVBNDJ45WMcFizpUAVJ2TjWtXcV1tqq_IzHSfi0iaEjpGl_DLvG_ql91QkGLnEvbe4oT6KH-r5BWMOs7gm313ZDnm6RDxFxGyO306tr69RNzYBXoVp3Q0iYufSTvRyMqXJSTkjmPkRc-2a1SLq5mXzYmv64TXmke8Wb84zwzZ5rcL0aJPm5WUkJQG_15-48x46TNKn_yQyFORuy2c&sig=Cg0ArKJSzLv8iujgUHwLEAE&adurl=
Frame ID: AC90212D748677CB903E72830E564AEC
Requests: 8 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: C7B109F9249206302B8C0D0DB1B395C0
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs
Frame ID: E2927956300C0712F1A55185A044EAC7
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7x8dihr6gZr3LEya4sa6srkq6nZiumzihhBIjw_fQY8iX7-i57H5vxDWgh3FGBDRIk0gvvxAi_6I4IBoihf3HjEEpD28374kuBPYw4F_pOfLqtiJogkleFCJTm4CxTrNfO4h_-cKdETRewcfGhblmji8E-_3baCRfKULKfw4Udtd5oS_pXWZ5n_y1M0mfY0M7SH0qGbtBr1VfTQO6FP88Cb1pz0bB6oecQy6hP1UA_CZ4igjkfbPFv51HLCHCQWe-e3Sh1RuvQiyA70x3z9y6DqHmTLGZfjRI4kh_PEtBX25ffg&sig=Cg0ArKJSzLP5GHQU_lThEAE&adurl=
Frame ID: 964265131751C0DCA25E2008DF5D35D2
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 1A4AE9EB056FC9823D39446D48BC958D
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP0kTguMRzGkqf-uSZ3xCJRguMudz99N1pjt5Neg3MB9rRrzedBMHXUPigVopT3tSwtfuH1KOoDcSqUWhq8HQNKLD8GihgCAZArrBv1qLIOJ49mldit-Xksj4Vqfd0y4u4ZSs-iXzP23Mm5nCvXfsyOSNd_W4MerVoBc7sSzTWFan4DBYUOdYv2CYUAZgvuWCrCkvS62CeiUGJkbtxHI-LznPqAsv7fWuoCm7iRnAc9LcM5akin3R0o4szNRTb2afojaqm4JkGKreLgXujld6uaKv6dcvLjvkcK3ugTCTrhAMcGg&sig=Cg0ArKJSzKUVtWR8LzmIEAE&adurl=
Frame ID: 9B3354DC18D99010676C5E97E7815BBC
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

207
Requests

100 %
HTTPS

66 %
IPv6

23
Domains

43
Subdomains

39
IPs

3
Countries

9696 kB
Transfer

15081 kB
Size

9
Cookies

35 Outgoing links

These are links going to different origins than the main page.

URL: https://www.graytvlocal.com/market/reno-nv
Title: Open For Business

Search URL Search Domain Scan URL

URL: https://gray.tv/careers#currentopenings
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.fullcourtgreta.com/
Title: Full Court Press with Greta Van Susteren

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.vuit.com/live/12761/kolo/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kolotv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kolo8newsnow

Search URL Search Domain Scan URL

URL: https://www.twitter.com/KOLO8

Search URL Search Domain Scan URL

URL: https://washoesheriff.com/sub.php?page=begin-report
Title: WCSO is taking identity theft reports online

Search URL Search Domain Scan URL

URL: https://www.washoesheriff.com/resources/files/pr_files/2000087_XTYC.pdf
Title: in English

Search URL Search Domain Scan URL

URL: https://www.washoesheriff.com/resources/files/pr_files/2000087_jIyj.pdf
Title: in Spanish

Search URL Search Domain Scan URL

URL: http://ag.nv.gov/uploadedFiles/agnvgov/Content/Complaints/2019-06-05_AG_COMPLAINT_FORM2.pdf
Title: encouraged to file a complaint online

Search URL Search Domain Scan URL

URL: https://detr.nv.gov/Page/DETR_Unemployment_Insurance_Fraud_Reporting_Form
Title: a Fraud Reporting Form on DETR’s website

Search URL Search Domain Scan URL

URL: https://www.snelleofferte.nl/trapliften-keuzehulp/?utm_content=6593-im_80-ad_een_traplift_is_goed-bs_re&utm_img=80-50-res-sta_gen-fe-nt-nb-not&utm_source=outbrain&utm_medium=cpc&utm_campaign=sta_gen-2002871-de-pr-prp_compare_prices&utm_ctype=disp&utm_term=$section_name$&obOrigUrl=true
Title: Een traplift is goedkoper dan u denkt. Vergelijk de prijzen en bespaar! SnelleOfferte.nl

Search URL Search Domain Scan URL

URL: https://galleries.parentsdome.com/hilarious-walmart-moments-v2/?utm_source=outbrain&utm_medium=$publisher_name$-$section_name$&utm_term=$publisher_name$&utm_content=00b94d8255d67bc6a9b801a3ad1548cf0c&utm_campaign=xpd-ob-eur3-d-walmartpics-21.03.17-tsg_OB2_chrome-9718&utm_cpc=$cpc$&obOrigUrl=true
Title: [Pics] The Most Funky Walmart Shoppers Of All Time Parentsdome Galleries

Search URL Search Domain Scan URL

URL: https://vbhlb.rdtk.io/604f2fbec7eae60001b89281?cost=$CPC$&ref_id=$ob_click_id$&sub1=Weet+u+dat+uw+lichaam+vol+onzuiverheden+zit%3F&sub2=00498c7cef97877689dc7bb39ea33e147e&sub3=$publisher_name$&sub4=$publisher_id$&sub5=00fd1d924f42fcac1c51e078b70f279a60&sub6=$section_id$&sub7=$section_name$&obOrigUrl=true
Title: Weet u dat uw lichaam vol onzuiverheden zit? Nuubu.com

Search URL Search Domain Scan URL

URL: https://zonnepaneelofferte.nl/bespaar?utm_source=Outbrain&utm_medium=cpc&utm_campaign=zpoNL&utm_content=$ob_click_id$&obOrigUrl=true
Title: Nieuwe ontdekking over zonnepanelen zorgt voor prijsdoorbraak ZonnepaneelExperts

Search URL Search Domain Scan URL

URL: https://kneefixproshop.com/?widipub_id=5a9d47612fcedb21dc301551&wtrd_offer_id=5f7445bd31fdc270340b48e2&wtrd_offer_pids=5fb528e7f7cc354ca250aea3&_locale=en&wtrd_offer_lids=5fa27c7a88a89c10f74f7042&wtrd_extId=006ab457ed13ec4490539d53d2cf93fc7a&wtrd_subPubId=$publisher_id$&wtrd_subPubName=$publisher_name$&wtrd_sectionId=$section_id$&wtrd_sectName=$section_name$&widipub_custom2=$section_name$&widipub_custom3=$ob_click_id$&obOrigUrl=true
Title: The knee brace that has taken the world by a storm. Knee Fix PRO™

Search URL Search Domain Scan URL

URL: http://newzgeeks.net/celebrities-that-said-goodbye-to-their-career-to-take-on-regular-jobs/?utm_source=Outbrain&utm_campaign=00fe8ef536589b06490cc7ed94d3bc3099&utm_medium=$section_id$&utm_content=1_00379c89dcc94389bf50c39bf7e90c27db&utm_term=$publisher_id$_$origsrcname$&obOrigUrl=true
Title: [pics] He Was A Legendary Actor - Today He Works 9 To 5 newzgeeks.net

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://chansouri-halist.com/4273ae56-bd3c-45fe-b921-8ad610b70388?ad=00bc0dae8cd6344a6f7219d8a8e2c698d9&ad_title=The+Japanese+Way+To+Remove+Body+Toxins&publisher_id=$publisher_id$&publisher_name=$publisher_name$&section_id=$section_id$&section_name=$section_name$&pub=$source_id$&oci=$ob_click_id$&obOrigUrl=true
Title: The Japanese Way To Remove Body Toxins

Search URL Search Domain Scan URL

URL: https://www.snelleofferte.nl/scootmobiel/?utm_content=6722-im_219-ad_wist_u_dat_een_scoot-bs_re&utm_img=219-67-res-sco_gen-np-nt-nb-not&utm_source=outbrain&utm_medium=cpc&utm_campaign=sco_gen-2002922-de-pr-prp_compare_prices&utm_ctype=disp&utm_term=$section_name$&obOrigUrl=true
Title: Wist u dat een scootmobiel niet zo duur hoeft te zijn?

Search URL Search Domain Scan URL

URL: https://vbhlb.rdtk.io/604f2fbec7eae60001b89281?cost=$CPC$&ref_id=$ob_click_id$&sub1=Verbeter+je+lichaam+en+je+geest+met+deze+compleet+Japanse+oplossing&sub2=0077a41838916a259bb0020ee5f48425b5&sub3=$publisher_name$&sub4=$publisher_id$&sub5=00fd1d924f42fcac1c51e078b70f279a60&sub6=$section_id$&sub7=$section_name$&obOrigUrl=true
Title: Verbeter je lichaam en je geest met deze compleet Japanse oplossing

Search URL Search Domain Scan URL

URL: https://couponclub.cc/blog/nl/ecobooster/1907/?aff_id=2&offer=176&clickid=OB&utm_source=Outbrain&utm_medium=Discovery&utm_campaign=EcoBooster_D_v1&utm_content=Je+Hele+Woning+Kalkvrij%21+Verminder+Kalkaanslag+Tot+Wel+99%25&utm_term=$publisher_name$_$section_name$&OutbrainClickId=$ob_click_id$&name=PurchaseEco&obOrigUrl=true
Title: Je Hele Woning Kalkvrij! Verminder Kalkaanslag Tot Wel 99%

Search URL Search Domain Scan URL

URL: https://trck.tracking505.com/1eb6acea-5c05-4c67-b5a5-d340958ddac9?campaign_id=00a18a8420f49345cee7cf894c5d73762f&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=000577547f637fdb06e33063ab9fd4fca2&ad_title=Het+salaris+van+een+programmeur+vandaag+zal+je+misschien+verbazen&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=000577547f637fdb06e33063ab9fd4fca2&time_stamp=$time_stamp$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Het salaris van een programmeur vandaag zal je misschien verbazen

Search URL Search Domain Scan URL

URL: https://www.pchelpsoft.net/pc-cleaner/nl/LP14.php?campaignid=OUTB&tracking=PH_NL_OUTB_0506_PCC&filter=$publisher_name$&keyword=$publisher_id$&clickid=$ob_click_id$&obOrigUrl=true
Title: Verbeter de prestaties van je pc met een paar klikken pchelpsoft.net

Search URL Search Domain Scan URL

URL: https://rfvtgb.worldemand.com/worldwide/guitar-ob?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=wd-baking-des-ne-ag-11031q&utm_term=$section_name$&obOrigUrl=true
Title: [Pics] The Best Guitarists Ever Ranked In Order Worldemand

Search URL Search Domain Scan URL

URL: http://rfvtgb.richouses.com/worldwide/oldho-ob-du?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=rh-oldho-des-ne-sg-15031&utm_term=$section_name$&obOrigUrl=true
Title: [Foto's] Een vrouw van 96 jaar verkoopt haar huis en wat de makelaar aantrof is ongelofelijk: Richouses

Search URL Search Domain Scan URL

URL: https://www.farandwide.com/s/cool-maps-europe-11a66f6c5ec04106?utm_campaign=cooleuropemaps-72a105105f574db7&utm_medium=cpc&utm_source=out&aid=008d034cf1b163e30d943e921a0636ed90&utm_term=$publisher_name$&obOrigUrl=true
Title: Mapping Europe in Unexpected Ways Far & Wide

Search URL Search Domain Scan URL

URL: https://www.snelleofferte.nl/trapliften-keuzehulp/?utm_content=6743-im_302-ad_wat_kost_een_traplif-bs_re&utm_img=302-130-nrs-sta_gen-fe-nt-nb-not&utm_source=outbrain&utm_medium=cpc&utm_campaign=sta_gen-2002871-de-pr-prp_compare_prices&utm_ctype=disp&utm_term=$section_name$&obOrigUrl=true
Title: Wat kost een traplift? Vergelijk hier traplift prijzen en bespaar! Snelleofferte.nl

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kolo-tv
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kolo-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kolo-tv/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/1626f10a-1a81-4928-8243-b4ba52a849c6/
Title: EEO Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 25

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/109019/connatix.playspace.dc.js

Request Chain 41

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&c9=&cs_ak_ss=1

Request Chain 82

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 147

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

207 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/ 208 KB
41 KB 1221ms
1059ms Document
text/html 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

e4ccfffa23ce5cd68fdf4c82f3b114cd983c2a07ed3a453d68a2da0bb4b78725

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.kolotv.com
:scheme: https
:path: /2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
x-aws-lambda-call-status: 200
content-encoding: gzip
etag: W/"331b2-WuKgwhxQmEkyjy98TXbzd2oO43k"
last-modified: Mon, 22 Mar 2021 22:37:07 GMT
vary: Accept-Encoding
x-akamai-transformed: 9 39099 0 pmb=mRUM,2
cache-control: private, max-age=60
expires: Mon, 22 Mar 2021 22:38:07 GMT
date: Mon, 22 Mar 2021 22:37:07 GMT
set-cookie: AKA_A2=A; expires=Mon, 22-Mar-2021 23:37:07 GMT; path=/; domain=kolotv.com; secure; HttpOnly
server-timing: cdn-cache; desc=MISS edge; dur=601 origin; dur=427
link: <https://polyfill.io>;rel="preconnect",<https://gray-kolo-prod.cdn.arcpublishing.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://www.google-analytics.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
561 B 42ms
13ms Script
text/javascript 2a04:4e42::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CArray.prototype.entries

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 2744650
detected-user-agent: Chrome/89.0.4389
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=61, HIT, fastly;desc="Edge time";dur=1
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Thu, 18 Feb 2021 11:40:32 GMT
date: Mon, 22 Mar 2021 22:37:07 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.js Show response
www.kolotv.com/pf/dist/engine/ 594 KB
137 KB 443ms
442ms Script
application/javascript 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/pf/dist/engine/react.js?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

f04784905cbe4e4b4d86d9ebaa7f7180a0ce1b6ae1e6436fc2a6877e309e0f3d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: openresty
x-amz-request-id: J0C0M1E6R9XQ7BQM
etag: W/"cfb944db49dbac0860d5e4511f6ec24f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=694
date: Mon, 22 Mar 2021 22:37:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=411
content-length: 139162
x-amz-id-2: M5dZQJ4sgkuJlLcxCcJj5yEmPtSevvAhLNQtkco16o+crnUkzyaHVgELyOEZQwjVcSzky3qoPWs=
expires: Mon, 22 Mar 2021 22:48:41 GMT

GET
H2 200 default.js Show response
www.kolotv.com/pf/dist/components/combinations/ 629 KB
156 KB 318ms
318ms Script
application/javascript 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/pf/dist/components/combinations/default.js?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

251c4a697ab0a65ce127726a15bd7e36a00f192818f051caa33a312c3ac4cc53

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: openresty
x-amz-request-id: J0C91T2VQZ2D757Z
etag: W/"73e59a86dddd912c6ec09683be1c4109"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
x-edgeconnect-cache-status: 1
cache-control: public, max-age=356
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=285
content-length: 158819
x-amz-id-2: N9aPM58a2XfmZk3fnpEm59UoMhE1mSbz/pEadAvC+NLCEjrPxOO2BnlHl90vGOwoHj/DtiTie9U=
expires: Mon, 22 Mar 2021 22:43:04 GMT

GET
H2 200 main.css
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 81 KB
14 KB 718ms
683ms Stylesheet
text/css 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

5cfc2d0c3c6747d61f916efd19ed1ea1e236e65251ab20997729daae478b3e71

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:36 GMT
server: openresty
x-amz-request-id: T6CNRSZ0GKCDV7FC
etag: W/"4d6d48cd09433ad9103c460f1c4d0363"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=675
content-length: 14219
x-amz-id-2: UP4nwljk1bMs6f9pbDICYpV8GyFbKzh8zwqM/zG9zCwl0ywVOeIGxpHX1Bstpfh206cJ6AV8Iks=
expires: Tue, 22 Mar 2022 22:37:08 GMT

GET
H2 200 main.css
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/ 92 KB
15 KB 571ms
536ms Stylesheet
text/css 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

fc6a361dd5d4a26ab8db109dd02bf6cf256eb13b31993f0da85e33e898bf410c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:36 GMT
server: openresty
x-amz-request-id: T6CHY1SRAK5YDB0Z
etag: W/"48226243038c577ce4bf81ad06c2f933"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=524
content-length: 14916
x-amz-id-2: aCWpuJEvgOMcgJnoT6G5i5oHKgI6zaknUuGygl29OK+W/vKOyN82qHFky71eWGme/RO6Xsdl9EE=
expires: Tue, 22 Mar 2022 22:37:08 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 55 KB
11 KB 26ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2198
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9974
cf-request-id: 08fdaec45100002b5924802000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dcc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4wLNi4he1%2Fm3b%2Bs9LWkZfCoDN0CWSPoFHy2n%2FNW3y07dMp7zsLIO%2BECcRHgB1U4lUswLLt83qsQ%2Bk25MGFGVDBNWxAXgAgU59T%2BKukBv8YlsOqNZ2m2PfyZ9aYDwi431rw%3D%3D"}],"max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6342e71a1f242b59-FRA
expires: Sat, 12 Mar 2022 22:37:07 GMT

GET
H2 200 gtm.js Show response
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
763 B 329ms
294ms Script
application/javascript 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: openresty
x-amz-request-id: T6CQ6NXRGNAGDKHY
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
date: Mon, 22 Mar 2021 22:37:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=279
content-length: 305
x-amz-id-2: hWvKNGe6QyfHWujQdZwEaIfvSIX/6k9zV47a2c5dTSPmi1YVw9nDZEXcQZjTFlUGLcLLhRWeNa0=
expires: Tue, 22 Mar 2022 22:37:07 GMT

GET
H2 200 arcads.js Show response
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/ads/ 30 KB
7 KB 418ms
384ms Script
application/javascript 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/ads/arcads.js?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

59b34be2082879fdc13198c72038a8ca3e417c8439444376ec3febab5879c4e1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
etag: W/"59a5907498d48ef5d1f257361ea42c24"
x-amz-request-id: T6CY663RWM4WEHYK
date: Mon, 22 Mar 2021 22:37:07 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=365
content-length: 6188
x-amz-id-2: 7fkPpAc0cDWgUoyBEYczhJVmoBsRl9+54REUywUuceydwaopftPkN5DBN2eg/291M9sW3Xy//b0=
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: openresty
x-edgeconnect-cache-status: 1
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
expires: Tue, 22 Mar 2022 22:37:07 GMT

GET
H2 200 powaBoot.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 38 KB
14 KB 52ms
24ms Script
application/javascript 2600:9000:2182:a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7a3c4abb6ca8f9761c4b20b07d62ae84a89839db82a9a94e0b774f062c7838d8

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
last-modified: Tue, 15 Dec 2020 20:03:31 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"a8ac1e5d429cca870ea67d1c5fd2ac74"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: PO9-W9GX0ugp-8UokrZ96P5gU5J9c0P8PyKnATeve-szdO__MzPNxQ==

GET
H2 200 powa.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 248 KB
64 KB 40ms
33ms Script
application/javascript 2600:9000:2182:a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powa.js?org=gray
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 486f7b497bdbcd1b0db9bc5999c5c69b74990f09da36e1f11c8696b620057e91

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 20:59:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"9e24fbc43a706d75a5d41069c0a3bd9e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: E5rqBlzEy6NCxbaQlemB2Zggs5_LG25iMe4fBkGhO7k5Mt9JKawC3w==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 169 KB
57 KB 74ms
23ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4c75866b96d0beb84da129fec2f73daa3584d6ec3a1a84bd34c55762be48b1c7

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
edge-cache-tag: widget-cheetah
cookie: CheetahStaging=true
x-traceid: 2821c04d15a9b33bdd6386a3691f37cf
content-length: 57577
last-modified: Sun, 21 Mar 2021 15:31:40 GMT
etag: W/"2a555-7zDHuWtCwd0ElO/z07olBcATG9E"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
timing-allow-origin: *, *
expires: Tue, 23 Mar 2021 02:37:08 GMT

GET
H2 200 4KRWR5IQMRBDZHQLYXOGVEPU4M.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/5kHzpAhA9dgbhGWq6DUy-hJYcTA=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 40 KB
41 KB 534ms
528ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/5kHzpAhA9dgbhGWq6DUy-hJYcTA=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/4KRWR5IQMRBDZHQLYXOGVEPU4M.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

0b5601957022db053540ca29a4ca522a11ce749594b9a23a7975db6484a63f4e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "192c9b5c08668fa9578525b17a60b01b4dff561e"
content-type: image/jpeg
cache-control: private, max-age=31446898
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=-302, origin; dur=820
x-akamai-note: original-image
content-length: 40996
x-akamai-im-skip-dlr: 1
expires: Mon, 21 Mar 2022 21:52:06 GMT

GET
H2 200 VBMHJY5DO5BPRCXT746662OT2M.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/8Ep6QFkWWj4HGs35GL01Hf2Un0U=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 76 KB
77 KB 302ms
296ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/8Ep6QFkWWj4HGs35GL01Hf2Un0U=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/VBMHJY5DO5BPRCXT746662OT2M.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

f9c98d151390e22cba4f16ad7c43255528c887efd3a6bdc4783ed1538c7c786d

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "2010f0c591a9dffc36d8f73bf812f0b40c5cf6a9"
content-type: image/jpeg
cache-control: private, max-age=31449299
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=282
x-akamai-note: original-image
content-length: 78335
x-akamai-im-skip-dlr: 1
expires: Mon, 21 Mar 2022 22:32:07 GMT

GET
H2 200 PSWDSM3SPND2ZBQEHGA54EKWMA.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/f-VrbJU719wGaPuKNhtLuC6PcfY=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 57 KB
58 KB 940ms
935ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/f-VrbJU719wGaPuKNhtLuC6PcfY=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/PSWDSM3SPND2ZBQEHGA54EKWMA.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

674ae7d204e318f016258b8c404cf4ef376a7753980a3011bf838711f0f5a6f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "bca88b3a354df6fc0e983739bd752cc59a9ad9b7"
content-type: image/jpeg
cache-control: private, max-age=31428930
date: Mon, 22 Mar 2021 22:37:09 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=917
x-akamai-note: original-image
content-length: 58875
x-akamai-im-skip-dlr: 1
expires: Mon, 21 Mar 2022 16:52:39 GMT

GET
H2 200 OLR72OKVVJFGLBAGNXSQE65YI4.PNG
gray-kolo-prod.cdn.arcpublishing.com/resizer/e476ZVzA-Pr_ikC2SilbBqrnqoA=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 80 KB
81 KB 579ms
574ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/e476ZVzA-Pr_ikC2SilbBqrnqoA=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/OLR72OKVVJFGLBAGNXSQE65YI4.PNG

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

7cf137bc0a01ea2210b72d7e9efcfde79caa8ca65f7b9596a67af7f6bb332db6

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "78bf801871d72811a1deb5c9ebe712103e7638c9"
content-type: image/jpeg
cache-control: private, max-age=31303385
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=552
content-length: 82065
x-akamai-im-skip-dlr: 1
expires: Sun, 20 Mar 2022 06:00:13 GMT

GET
H2 200 6GUMQOWFTJH2POZ4YJ2Z5F2C3I.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/-ZkHu_AN2ykR-BvlpKEwbLPpe4s=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 70 KB
70 KB 614ms
609ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/-ZkHu_AN2ykR-BvlpKEwbLPpe4s=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/6GUMQOWFTJH2POZ4YJ2Z5F2C3I.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

97f9137857e290ec298ca60c6cb654399d487e76c7af56ffa250e642083df989

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "fc41816695d722b89c004438b818beb38b8a0116"
content-type: image/jpeg
cache-control: private, max-age=31362142
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=582
x-akamai-note: original-image
content-length: 71438
x-akamai-im-skip-dlr: 1
expires: Sun, 20 Mar 2022 22:19:30 GMT

GET
H2 200 SYKAU6IN3ZFHNFXVAHFSV5N2WQ.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/gJib6R9PuNKU9TP13wCeJ75zK5k=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 54 KB
54 KB 463ms
458ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/gJib6R9PuNKU9TP13wCeJ75zK5k=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/SYKAU6IN3ZFHNFXVAHFSV5N2WQ.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

95e9fa918827d35322e669ab7af0fba6733453d05c2c1ebf25eb87fe840c6326

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "b6b1337b305e0261afceb852a5b0a9b0f67c6e11"
content-type: image/jpeg
cache-control: private, max-age=31530520
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=426
x-akamai-note: original-image
content-length: 55122
x-akamai-im-skip-dlr: 1
expires: Tue, 22 Mar 2022 21:05:48 GMT

GET
H2 200 5IHSUN72HBDAXAP4AKWZCFHJLU.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/on08nKAHzSgR-UIyzdFD6MGez5M=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 36 KB
37 KB 324ms
319ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/on08nKAHzSgR-UIyzdFD6MGez5M=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/5IHSUN72HBDAXAP4AKWZCFHJLU.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

db34afa538a9eb308d02f25445d57821df12f0176a7b20717781f759ce367bdd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "570657de7b6b686d22f6beb52f2d7007f9333217"
content-type: image/jpeg
cache-control: private, max-age=31529779
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=282
x-akamai-note: original-image
content-length: 37355
x-akamai-im-skip-dlr: 1
expires: Tue, 22 Mar 2022 20:53:27 GMT

GET
H2 200 6Q4W5KFT4ZDWTAGS3RHZ4FP3SI.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/viYFXUgqrXWsTINWz7gxrRpezOQ=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 20 KB
21 KB 500ms
495ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/viYFXUgqrXWsTINWz7gxrRpezOQ=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/6Q4W5KFT4ZDWTAGS3RHZ4FP3SI.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

d5fdcbb882901e1b4ca23af26fb2ef5452f0ad584032a721acacbe50318aab7a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "7becf1d459276bef4adbf4e0fa87e5992dd7e423"
content-type: image/jpeg
cache-control: private, max-age=31528437
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=455
x-akamai-note: original-image
content-length: 20670
x-akamai-im-skip-dlr: 1
expires: Tue, 22 Mar 2022 20:31:05 GMT

GET
H2 200 Y46O3VAODFCPTHQ2PYRC2VMWVM.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/J5FpVVu8YkrQ0V9KUX-ZMaRyDO8=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 27 KB
27 KB 589ms
585ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/J5FpVVu8YkrQ0V9KUX-ZMaRyDO8=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/Y46O3VAODFCPTHQ2PYRC2VMWVM.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

089e903e6ef6ae1c3f6a79165ab3fe71da2a94559c9e61b8f665f1754fe906c3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "5cca42402f524461bc72651a83076c5909c52063"
content-type: image/jpeg
cache-control: private, max-age=31526753
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=MISS, edge; dur=136, origin; dur=404
x-akamai-note: original-image
content-length: 27503
x-akamai-im-skip-dlr: 1
expires: Tue, 22 Mar 2022 20:03:01 GMT

GET
H2 200 4RPB36BO3NCFDAHI77NHOHJGJA.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/DqZ2VFo9o28s2-f1uoKzpZ-t4wg=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/ 34 KB
35 KB 549ms
545ms Image
image/jpeg 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/DqZ2VFo9o28s2-f1uoKzpZ-t4wg=/800x450/smart/cloudfront-us-east-1.images.arcpublishing.com/gray/4RPB36BO3NCFDAHI77NHOHJGJA.jpg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Server /

Resource Hash

4615f21d85afcb1c72ac9f1c22539a5e5a333f8a6ed0311f3375df2143f7b403

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 01 Jan 1970 00:00:01 GMT
server: Akamai Image Server
etag: "dfb5f81ef27680750f3cc37b664b9bded90a64ba"
content-type: image/jpeg
cache-control: private, max-age=31521726
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=496
x-akamai-note: original-image
content-length: 35165
x-akamai-im-skip-dlr: 1
expires: Tue, 22 Mar 2022 18:39:14 GMT

GET
H2 200 default.js Show response
www.kolotv.com/pf/dist/template/article-default-template/ 13 KB
2 KB 299ms
294ms Script
application/javascript 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/pf/dist/template/article-default-template/default.js?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

02969cced801a7b0a69bbbe7cbb11405447ecf8c0093b195d2ee8a2d339831f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 12:31:45 GMT
server: openresty
x-amz-request-id: S2GQYYC9BAPNWZQ1
etag: W/"b85f78c90905c748dc8db0987b59c5c0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=49
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=263
content-length: 2110
x-amz-id-2: NzBsk49hE0sKg5I7KeCgiJSesX9Aky5houOGJB9Mrpn73yMEXvTkkeW7X8DZR98qT95Vifg7Jvw=
expires: Mon, 22 Mar 2021 22:37:57 GMT

GET
H2 200 v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt Show response
reconditerespect.com/ 103 KB
30 KB 281ms
218ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

996e982d5f64acc9e257a781247bdaa5f41827045d62b25998b59632d1c5f544

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "86f90a15447d4b4c25b3f3e72ac0ca82c67bb98c56114cb27b39399ac4497177"
vary: Accept-Encoding, Accept-Language
x-hostname: 670b36ad
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 22 Mar 2021 22:37:08 GMT
timing-allow-origin: *

GET
H2 200 v2mja6-J53OCay_8K8iMS2Q7wSZgF28qhyXVzJIAyWanoqXMG2u01MtjGo7uJ_XGzwQYL-zXgDg Show response
reconditerespect.com/ 16 KB
6 KB 276ms
212ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2mja6-J53OCay_8K8iMS2Q7wSZgF28qhyXVzJIAyWanoqXMG2u01MtjGo7uJ_XGzwQYL-zXgDg

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

e1f95544a3ad11db58289d96489506e6573af63f5cd3ef81582072d100bdb69b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "4a27f0be7f0e32c33b426e8cce2447bc7e304e34dedcb12b5ee23b4da38e17ff"
vary: Accept-Encoding, Accept-Language
x-hostname: 670b36ad
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Mon, 22 Mar 2021 22:37:08 GMT
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 126 KB
35 KB 35ms
31ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bd27a6044b88e8b876e8eb6df6f9c38a19ed1418207e029ce902cb89b7c32a0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35702
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:58:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Mar 2021 22:37:08 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/109019/ Frame 3681
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/109019/connatix.playspace.dc.js

1 MB
222 KB

19ms
17ms

Script
application/javascript

151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/109019/connatix.playspace.dc.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d007b4cae61e031eed68ead89aa8fc5eb4edc2adf8c97870b1e7f587f25f5806

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: br
last-modified: Fri, 19 Mar 2021 13:20:19 GMT
age: 44421
etag: "fb520f1b5c03910200644d0dbbc5f9be"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 226969

Redirect headers

location: https://cds.connatix.com/p/109019/connatix.playspace.dc.js
date: Mon, 22 Mar 2021 22:37:08 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ Show response
s.go-mpulse.net/boomerang/ Frame D47C 202 KB
51 KB 39ms
21ms Script
application/javascript 2a02:26f0:7100:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: br
last-modified: Tue, 09 Mar 2021 00:07:37 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 kolo.jpg
www.kolotv.com/pf/resources/images/mastheads/backgrounds/ 26 KB
27 KB 47ms
44ms Image
image/jpeg 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolotv.com/pf/resources/images/mastheads/backgrounds/kolo.jpg?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

Akamai Image Server /

Resource Hash

bb7cf55d26c62c6d184ec840dd13ddd5c8d05fd54cb1631a8bf27483119df47e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests, upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests, upgrade-insecure-requests
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: Akamai Image Server
etag: W/"c49a88acc53a1e6483da0f851a035881"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, private, max-age=30561223
date: Mon, 22 Mar 2021 22:37:08 GMT
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 26878
x-akamai-im-skip-dlr: 1
expires: Fri, 11 Mar 2022 15:50:51 GMT

GET
H2 200 kolo.svg
www.kolotv.com/pf/resources/images/mastheads/logos/ 66 KB
20 KB 39ms
36ms Image
image/svg+xml 72.247.179.120
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolotv.com/pf/resources/images/mastheads/logos/kolo.svg?d=139

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.247.179.120 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a72-247-179-120.deploy.static.akamaitechnologies.com

Software

openresty /

Resource Hash

c87156f914b7b19017ebaf0679a2522f94207e6af259843a8e9bb15a514ef8ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:37 GMT
server: openresty
x-amz-request-id: 3CR1XY3QWVWJ1HMR
etag: W/"fba5d686d6cfd8564359b745c07ceb6e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 19625
x-amz-id-2: HGsiXKLwWadpxmgJjkSJnrFkuqaRAq0Z/Ofp21EWt2/MfVpRWgPBO0767zvpYEoHByWLkdxxpQ4=
expires: Tue, 22 Mar 2022 22:37:08 GMT

GET
H2 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 74 KB
74 KB 25ms
12ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1640520
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 75408
cf-request-id: 08fdaec74900002bcee596a000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=v6ekcYRm85VvYxXDy0aePrjAMhZie9sjTcgw1GO8%2BxsrB3lu9jKu%2FGut1k9Ow454vzo8wC0z9XbRT7EwrhFMXamLRI1HnuIyUln4xBt2uAReh9MssP5gnvemJlhk83hrog%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6342e71edc992bce-FRA
expires: Sat, 12 Mar 2022 22:37:08 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 10ms
9ms Image
image/svg+xml 2a02:26f0:64::214:84a9
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=139

Requested by

Host: gray-kolo-prod.cdn.arcpublishing.com
URL: https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=139

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:64::214:84a9 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
last-modified: Thu, 11 Mar 2021 15:36:36 GMT
server: openresty
x-amz-request-id: T6CGF7ARAFR8VWT3
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, private, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5010
x-amz-id-2: Tl9VetMNlOKFNPMtsFXeRKCxTMZ1m3XJ5zw4tkkn9VGTl9fyGxEkGdcxv9+JI+5PBq4bK2fBkJw=
expires: Tue, 22 Mar 2022 22:37:08 GMT

GET
H2 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 13 KB
14 KB 14ms
14ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b401a5d10a1817be22708d87eebd91c68691c4845ea85d7131e0989cff57ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 713
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13584
cf-request-id: 08fdaec79e00002bcebf8ea000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bECzZDkbKu07WPeDkhdV8pj23mpMogx771t6HP3qxlAri604JqNy%2BsiLzXv%2BPoHl3uiwV95SvMMSm6JGNtXMNp%2Bq%2F2Bd7AZD%2BUkAVRnqgESNnCk82VIsfjiVfpF1tL4XWQ%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6342e71f6d4d2bce-FRA
expires: Sat, 12 Mar 2022 22:37:08 GMT

GET
H2 200 gray.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/org/ 71 KB
21 KB 423ms
423ms Script
application/javascript 2600:9000:2182:a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3a33e5c564fc0457dfd381a147e5a3af7030082b09b532624ecadf9c3ea0c9a2

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 20:59:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"227105fcc6043beb89fd768f40edd6df"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: cQtE6FMtCGUGNGiytYOVbP86m8z6OzcBD-Tq6w4sqZPYf83QN7Crrw==

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 09A8 416 B
816 B 24ms
23ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1616342831.377797"
last-modified: Sun, 21 Mar 2021 15:30:54 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Mon, 22 Mar 2021 22:37:08 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616452628~rv=72~id=f7660f2ff1a4ae7f71b498e97ab78250; path=/; Expires=Mon, 22 Mar 2021 22:37:08 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmtvbG90di5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 70ms
22ms XHR
application/json 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmtvbG90di5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 22:37:08 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=13803
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 4e5e186c9131e5036fffa884e9685556
Content-Length: 16
Expires: Tue, 23 Mar 2021 02:27:11 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
467 B 23ms
22ms Image
image/gif 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=5.419979835083348
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Wed, 21 Apr 2021 22:37:08 GMT

GET
H3-Q050 200 gtm.js Show response
www.googletagmanager.com/ 99 KB
34 KB 55ms
41ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K98NJ4V&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f818dc0afe64983fd716eba86b7a850160f895c5ee3a6a03538325830f93e7ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34245
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:58:37 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 22 Mar 2021 22:37:08 GMT

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 69ms
23ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 22:37:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 23 Mar 2021 22:37:08 GMT

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/109019/ 102 KB
14 KB 16ms
16ms Stylesheet
text/css 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/109019/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: br
last-modified: Fri, 19 Mar 2021 13:20:19 GMT
age: 44420
etag: "a2e4815b59a14d0ee11b3bde797ef7e0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 14290

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 358ms
87ms XHR
application/json 70.42.32.31
INTERNAP-BLK3

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1616452628652&sessionId=8e15a4aa-54ad-132a-efcc-edfe7eff6548&url=www.kolotv.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.31 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:37:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: ff9283bdb8adbd3eb76d532ea33198aa
Content-Length: 4
Expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 57 KB
19 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/pf/dist/components/combinations/default.js?d=139

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d660da8b95850d124ee0837d7b29b2ae5a5faa9b154c57c9e080b464e8d2b266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "820 / 575 of 1000 / last-modified: 1616450900"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19749
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:08 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%...
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A...

0
528 B

23ms
23ms

Image
text/plain

184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&c9=&cs_ak_ss=1
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:37:08 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1616452628861&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 22 Mar 2021 22:37:08 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 09A8 610 B
1008 B 23ms
22ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1616342832.127557"
last-modified: Sun, 21 Mar 2021 15:30:54 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Mon, 22 Mar 2021 22:37:08 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616452628~rv=27~id=e4f917a7c113a28d26c715e3e5b80dfa; path=/; Expires=Mon, 22 Mar 2021 22:37:08 GMT; Secure; SameSite=None

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame 3681 127 B
453 B 447ms
111ms XHR
multipart/form-data 18.218.162.22
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=109019
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.218.162.22 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-218-162-22.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e178c522f552e673201e70b7f7b45116b6bc4bd0128ab3cbe957c4ef02274b99

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 22 Mar 2021 22:37:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kolotv.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K98NJ4V&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 4123
date: Mon, 22 Mar 2021 21:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Mon, 22 Mar 2021 23:28:25 GMT

GET
H2 200 pubads_impl_2021031601.js Show response
securepubads.g.doubleclick.net/gpt/ 285 KB
101 KB 110ms
58ms Script
text/javascript 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

sffe /

Resource Hash

eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Mar 2021 08:39:28 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102421
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:08 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
188 B 13ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=488407080&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&ul=en-us&de=UTF-8&dt=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1793816814&gjid=1222078846&cid=119404222.1616452629&tid=UA-3637494-7&_gid=238891549.1616452629&_r=1&gtm=2wg3a0K98NJ4V&cg1=%2Fnews&cg2=story&cg3=kolo&cg4=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd1=07%2F10%2F2020&cd2=10&cd3=07&cd4=2020&cd5=story&cd6=1&cd7=News&cd8=kolo&cd9=kolo&cd10=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd11=%2Fnews&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Staff&cd14=In%20the%20last%20three%20weeks%20there%20are%2037%20cases%20where%20people%27s%20Social%20Security%20numbers%20were%20used%20to%20file%20for%20unemployment%20benefits%20through%20DETR.&cd16=Mon%20Mar%2022%202021%2023%3A37%3A08%20GMT%2B0100%20(Central%20European%20Standard%20Time)&cd17=%2B01%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd19=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&cd35=gray&cd36=staff&z=797639465

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 powaDrive.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 268 KB
69 KB 37ms
37ms Script
application/javascript 2600:9000:2182:a00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaDrive.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2182:a00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d8248f5b03bd6f8594b1bae2c31a007e0d53c110159cda2c912e1274846a649

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:08 GMT
content-encoding: gzip
last-modified: Mon, 22 Mar 2021 20:59:29 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-C1
etag: W/"503e2905b9e74ff5a3b6bdcbb6ad7240"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cddd3e95f67291463f7a95d065c7fcff.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: zvOihO1Jic-5PjOMBa8Kxdfk2Dp870vNF3u3LWwCR1eIVnNSkVEkkg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
85 B 37ms
37ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-3637494-7&cid=119404222.1616452629&jid=1793816814&gjid=1222078846&_gid=238891549.1616452629&_u=YEBAAEAAAAAAAC~&z=308459361

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 22 Mar 2021 22:37:08 GMT
content-type: text/plain
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame D47C 607 B
880 B 48ms
34ms XHR
application/json 2a02:26f0:64:699::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ&d=www.kolotv.com&t=5388175&v=1.632.0&if=&sl=0&si=sneylmzkvh-qqe6tw&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=584709
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:64:699::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 39c6822e0ea92ff513bd4f05bca0d0dc8cda31b40b0e241f0606ee35920f532b

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 22 Mar 2021 22:37:08 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 607
Content-Type: application/json

GET
H2 200 Bdfs Show response
ad.doubleclick.net/ddm/adj/Bkne/ 11 B
645 B 82ms
30ms Script
text/javascript 142.250.185.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/Bkne/Bdfs

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f6.1e100.net

Software

cafe /

Resource Hash

f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 findByUuid Show response
gray-prod-cdn.video-api.arcpublishing.com/api/v1/ansvideos/ 8 KB
8 KB 431ms
351ms Script
application/javascript 13.226.155.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-prod-cdn.video-api.arcpublishing.com/api/v1/ansvideos/findByUuid?uuid=6d050016-d89a-4df0-8121-1490634743bb&cb=powaCallback6d050016d89a4df081211490634743bb
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.155.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-155-3.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: 226498f13c068bc17f822cbceeb9a8eab0a8b6b851265cb15049d2c911ea967e

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
via: 1.1 bfd667b9fb826986b85315f856bf5885.cloudfront.net (CloudFront)
last-modified: Sun, 12 Jul 2020 17:19:26 GMT
server: nginx
x-amz-cf-pop: DUS51-C1
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
x-org-rate-limit: 1200
content-length: 8303
x-org-rate-limit-interval: 5 minutes
x-org-rate-limit-remaining: 1199
x-amz-cf-id: 9rGdGBWgJljL6feoPuCxF6rvPociog19G1uTZAnod2f1pq0viNlgZg==

GET
H2 200 container.html Show response
tpc.googlesyndication.com/safeframe/1-0-23/html/ Frame 84BF 3 KB
2 KB 6ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-23/html/container.html

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-23/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1479
date: Thu, 18 Mar 2021 06:52:51 GMT
expires: Fri, 18 Mar 2022 06:52:51 GMT
last-modified: Tue, 10 Apr 2018 14:51:09 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 402258
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.kolotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 17ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kolotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 846ms
817ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629107&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=99&adks=2081050578&ucis=1&ifi=1&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x269&msz=970x250&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

dcffb88edeff33f2bc55c4d935275c2e7b762a7b4d987369671db79b41fe62b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6080
x-xss-protection: 0
google-lineitem-id: 5646738932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343866943
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 46ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 6ms
5ms Other
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
12 KB 309ms
281ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&prev_scp=position%3D101%26pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629112&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=1110&adks=221821518&ucis=2&ifi=2&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1024x-1&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

20839b9461acfafb17ff24fee266d3d68a0980a352a6e6547c98f4d7c601a6aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11334
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 1864ms
1836ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629115&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=3007&adks=2146771704&ucis=3&ifi=3&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1270x269&msz=970x250&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=0&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

3e6f5ed6f606b1977b5cfbc27cb93692d5add71bfbdeeb65ef44568478f9d802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6060
x-xss-protection: 0
google-lineitem-id: 5523836071
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138329061283
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 13 KB
6 KB 1619ms
1591ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D3&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629117&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=270&adys=1378&adks=3443918024&ucis=4&ifi=4&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=938x109&msz=728x90&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=4&ohw=938

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

2f6343345c3dda6edcfd5f4f6cb55455684ab7ed3ac4d918685f5d31e5698e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5960
x-xss-protection: 0
google-lineitem-id: 5537400417
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138330596582
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 80 KB
27 KB 670ms
643ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629119&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=400&adks=272910160&ucis=5&ifi=5&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x619&msz=300x600&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

54538bd5952904b0e0f4ed69cdec1ee9027c56da1e1752765f00b9997324d2b1

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COXFlqb7xO8CFRL5dwodZEACSg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7329966907555823337/300x250/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COXFlqb7xO8CFRL5dwodZEACSg&gqi=&layout=/sadbundle/%24csp%253Der3%24/7329966907555823337/300x250/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26449
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Mon, 22 Mar 2021 22:37:09 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 1075ms
1048ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629124&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=1549&adks=742345300&ucis=6&ifi=6&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x619&msz=300x600&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a82a748db3c7baaedc4831de101dcd9e5da728eb4530cdef244dc7f5b6744f2b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11866
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 50 KB
12 KB 1436ms
1410ms XHR
text/plain 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1339641517972427&correlator=1234407188905629&output=ldjh&impl=fifs&eid=31060473%2C31060297%2C31060367%2C44739387&vrg=2021031601&ptt=17&us_privacy=1---&sc=1&sfv=1-0-37&ecs=20210322&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D3&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1616452627&dt=1616452629126&dlt=1616452627513&idt=1563&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=2690&adks=460991363&ucis=7&ifi=7&u_tz=60&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%23%253A~%253Atext%253D%2528KOLO%2529%2520-%2520The%2520Washoe%2520County%252Ctied%2520to%2520fraudulent%2520unemployment%2520claims.%2526text%253DThe%2520Nevada%2520Attorney%2520General%2520also%252Cat%2520888-434-9989.&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=119404222.1616452629&ga_sid=1616452629&ga_hid=488407080&ga_fc=false&fws=512&ohw=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

a7ca38e989906ae1a2fe347bfc54cf9c16b17389cfb876b70c6eee5796b4d25d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11723
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 get Show response
odb.outbrain.com/utils/ 38 KB
14 KB 396ms
349ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&idx=0&rand=97145&key=NANOWDGT01&widgetJSId=AR_4&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=165&py=1828&vpd=628&cw=938&settings=true&recs=true&version=2000257&sig=WFz5Fc31&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3df30ec7b52dc2e3686970df24e7dffadebf11626562c10e5541292aa76e6925

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.56
x-cache-hits: 0, 0
x-traceid: 37f61f44098f36369412f2880e902119
content-encoding: gzip
content-length: 14053
x-served-by: cache-mdw17356-MDW, cache-fra19129-FRA
x-timer: S1616452629.220176,VS0,VE326
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H/1.1 400
Bad Request flight-time
api-gray-config-prod.cdn.arcpublishing.com/content/v4/geo-restrictions/ Frame 0
0 33ms
6ms Preflight
text/html 2a02:26f0:64::214:84bc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://api-gray-config-prod.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=6d050016-d89a-4df0-8121-1490634743bb
Protocol: HTTP/1.1
Server: 2a02:26f0:64::214:84bc Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://www.kolotv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

GET flight-time
api-gray-config-prod.cdn.arcpublishing.com/content/v4/geo-restrictions/ 0
0

GET
H2 200 hls.min.js Show response
d1bl11pgu3tw3h.cloudfront.net/vendor/hls.js/0.12.4/ 247 KB
71 KB 31ms
9ms Script
application/javascript 2600:9000:214f:7600:7:26e8:af40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1bl11pgu3tw3h.cloudfront.net/vendor/hls.js/0.12.4/hls.min.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaDrive.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:7600:7:26e8:af40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:34:40 GMT
content-encoding: gzip
last-modified: Fri, 12 Apr 2019 20:55:25 GMT
server: AmazonS3
age: 324
etag: W/"4a3e249823c65d6c3cf865cf9d30188d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000,immutable
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: mARRXLVXDOdamR70mmAmURkmnlrOzVF4C567-Nu-uKydCLfjET8-eA==
via: 1.1 f8895de4463e8d120a0f4b4a1f7703e4.cloudfront.net (CloudFront)

GET
H2 200 t_c96811d0afd0435f938a080ff4ee4907_name_file_1920x1080_5400_v4_.jpg
do0bihdskp9dy.cloudfront.net/07-12-2020/ 119 KB
120 KB 479ms
443ms Image
image/jpeg 2600:9000:214f:b000:16:e423:f180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://do0bihdskp9dy.cloudfront.net/07-12-2020/t_c96811d0afd0435f938a080ff4ee4907_name_file_1920x1080_5400_v4_.jpg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:b000:16:e423:f180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37a31babfe828a9d98de47ba0d59947c5c4261755c5aa2684c3c4816f642ce0c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
last-modified: Sun, 12 Jul 2020 17:16:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "a0198c418849fa57c3f6a036b7de9281"
x-cache: Miss from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 122242
x-amz-cf-id: WHVm52Z2fT9hFSwKEzt3-5mKA9t79NL0Gwe-kDfy2bAa6ngB5Jz9hg==

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame 9E51 185 KB
53 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33628
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9E51 12 KB
5 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33628
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9E51 87 KB
27 KB 39ms
17ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33628
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9E51 3 KB
1 KB 42ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33628
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame 9E51 40 KB
13 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33628
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9E51 4 KB
713 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:46:51 GMT
server: ESF
date: Mon, 22 Mar 2021 22:37:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
DATA 200
OK truncated
/ Frame 9E51 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cb39a10960e1d1b144e566c45c45fcf5a0bca3c8bbc63dd7531a12c252b26e7

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9E51 2 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 21:00:48 GMT
x-content-type-options: nosniff
server: cafe
age: 5781
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:00:48 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9E51 295 B
388 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1204
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Mar 2021 22:17:05 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 9E51 0
0 15ms
14ms Image
text/html 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSxJTqt9gUI1ccin-QD2U0hVYm9wqNbrR_cNrcOWCqC8yDTlwcF1c2J3kzOvl65IHNECTDH1zMXnxP3DilfTMzrCqrzeA
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9E51 0
0 58ms
57ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CABL8FRxZYJjQDMKtrATYybPwBb6svdRhqq-l0J0N3dkeEAEg-b_DI2CRhJOF_BegAa_OgqQDyAEBqQKSYiPtyQa0PuACAKgDAcgDCqoEnAJP0EJhli8VhqgKnrUJzL24tob94vMhRWvMj5l1gtP682Ri1MBIrgwYpVtJbKX2zcgLlEAr1718KWFEc2DWFUP3TWIeGnEpTt0l5QOWe25caYY53-oHgMpFyScuf_iLKz2V4e2g1yOJwq1Q72q--_2r68c9ARgvmcWfkEK5g0qpQc7PoE-siHoRFmutfuPlsLmaWm1B0SPotAIOcSNUdKP1wk_bIBW5rFbCb-u60XsqKdtUe0weCRqoK6NjQ8-3Rd5m5TN1vuvG_5pCteFrYUlg0fgBPqZ7nqULW5D6dk_1Kofja41ULdyq3dPKGTi4zx9z7ma4oQphMEpj1GiqfQF6rb7xdUFqBHCyYaasw4gdK_sTuen1JnbS6DPHTsAElKLG1r8C4AQBkgUECAQYAZIFBAgFGASAB7mx_VuoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQl6MO0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQBshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=cSN8VJu9RF8&tpd=AGWhJmv0i97nqS9f2VyWf4eWFk_KEAPuWHMd11_rJlxtOUyMbQ
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9E51 16 KB
16 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 14970
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:27:39 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame 9E51 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 13522
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:51:47 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 9E51
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

15ms
15ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Mon, 22 Mar 2021 22:37:09 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 24ms
24ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1613570903.586246"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Wed, 21 Apr 2021 22:37:09 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 25ms
24ms Image
image/svg+xml 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1613570879.822144"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Wed, 21 Apr 2021 22:37:09 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 463ms
120ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=35ef2bfdb78bc9c4cae0d3887a52a8f1_1436_1616452629480&tm=1072&eT=0&widgetWidth=938&widgetHeight=1679&widgetX=165&widgetY=1848&tpcs=0&wRV=2000257&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: 65118eb1624c6aaaec4cc6589752b62c
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 2588 16 KB
6 KB 24ms
23ms Document
text/html 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: eda9563427b71d832ec7d31384d848af0901f05ae3081378ce631e214dcbc741

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "a82cbc46b6585fe14a0956075277e4ed:1616316937.839619"
last-modified: Sun, 21 Mar 2021 08:48:51 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Tue, 23 Mar 2021 22:37:09 GMT
date: Mon, 22 Mar 2021 22:37:09 GMT
content-length: 5338
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
cookie: CheetahStaging=true
set-cookie: akacd_widgets_routing=1616452629~rv=98~id=ecfa6e9d3af3461f310602bb3727a1b5; path=/; Expires=Mon, 22 Mar 2021 22:37:09 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000257/module/ 48 KB
16 KB 26ms
26ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000257/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8aaf11dc8b70002bdc056dd380885c041b9eb176e359eefcef80aede65173c3d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 15:30:54 GMT
server: AkamaiNetStorage
etag: "891bde1cc8f237b7c56b3c9c661545a5:1616342756.648862"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 15833

GET
H2 200 get Show response
odb.outbrain.com/utils/ 38 KB
14 KB 305ms
305ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&idx=1&rand=94363&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&pdobuid=-1&t=MzVlZjJiZmRiNzhiYzljNGNhZTBkMzg4N2E1MmE4ZjE=&adblck=false&abwl=false&px=165&py=3542&vpd=2342&cw=938&settings=true&recs=true&version=2000257&sig=WFz5Fc31&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 28d7903c676c4a89d9db46b2858e37e143823977b622a6a33c1a9caddff857d6

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.46
x-cache-hits: 0, 0
x-traceid: 14192e94a3436fee163bd52c2ce029d5
content-encoding: gzip
content-length: 13946
x-served-by: cache-mdw17346-MDW, cache-fra19129-FRA
x-timer: S1616452630.646522,VS0,VE283
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 70ms
23ms Image
video/mp4 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=1571676
last-modified: Mon, 08 Mar 2021 12:15:04 GMT
x-traceid: 7c640aa6f6a12fc065602ceff7e22856
timing-allow-origin: *
content-length: 5944975
content-type: video/mp4

GET
H2 200 eyJpdSI6ImRjYjdmMzE4NzQxM2Y1MTNhZGM3YTQ5OTA1ODY2YjY2MjYzYjRjYTlhOTY0ZGUxNTQ2ZWRkOGQ5NDI0NTEzYTUiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 105 KB
106 KB 115ms
73ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRjYjdmMzE4NzQxM2Y1MTNhZGM3YTQ5OTA1ODY2YjY2MjYzYjRjYTlhOTY0ZGUxNTQ2ZWRkOGQ5NDI0NTEzYTUiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8319f7e7415f29df55f4ce8ca2bc6abd16a208437621f4a9fe2abe3e627d3d5c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=2411391
last-modified: Thu, 11 Mar 2021 16:35:22 GMT
x-traceid: 93b6260324a3964cfaa2bdc5072116d1
timing-allow-origin: *
content-length: 107932
content-type: image/webp

GET
H2 200 eyJpdSI6ImNmOTUwNmNmMGFmODNhNmZjYTZiYTU4MDY0MTc2YjYxYTUwOWE1YjFhNGNjYjFkNGE5ZmIwMjIxMmJiNTM2ODciLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 116 KB
116 KB 115ms
74ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNmOTUwNmNmMGFmODNhNmZjYTZiYTU4MDY0MTc2YjYxYTUwOWE1YjFhNGNjYjFkNGE5ZmIwMjIxMmJiNTM2ODciLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5c253d12e15e1282c22891fb9efc9c3e385ca5c94a3da50dbd1ea10f9f8bb48d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=2044548
last-modified: Wed, 10 Mar 2021 04:45:07 GMT
x-traceid: dcd9029eeab0271a4b620748f5d65eab
timing-allow-origin: *
content-length: 118784
content-type: image/webp

GET
H2 200 eyJpdSI6ImJmM2VlZWY0NTEwYTc3OGY2ZTI3Zjg3NGE0NWE0ZmZlNjg1Mjk0NjBiYzM1MWQ1ZWUwYTJjNDZkMWQ0ODU3ZjEiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 176 KB
176 KB 115ms
74ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJmM2VlZWY0NTEwYTc3OGY2ZTI3Zjg3NGE0NWE0ZmZlNjg1Mjk0NjBiYzM1MWQ1ZWUwYTJjNDZkMWQ0ODU3ZjEiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7a4f7634d51ea436198da77bfa71b2b22e42f120d37bce01ed829f391949cd28

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=2302775
last-modified: Mon, 15 Mar 2021 11:00:51 GMT
x-traceid: d32441892fb4130e5ed1caebfdf206f3
timing-allow-origin: *
content-length: 180018
content-type: image/webp

GET
H2 200 eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 131 KB
132 KB 118ms
77ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhOGZmNDU5OTUxNTYwZjRkNTQ3Y2M3ZTI1NTM3ZmU3MzE4MmUxMGU3NDY0MTA2MDZhYjU3MmE0YTYwMmM4NmYiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c8c9960bdc0c3e43d51b515f03f2fe9f653ce05c5ab17d36ad3d934427c95bab

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=1757168
last-modified: Mon, 08 Mar 2021 14:59:56 GMT
x-traceid: 1c87ac15a7f743442ec328bf9c63729
timing-allow-origin: *
content-length: 134330
content-type: image/webp

GET
H2 200 eyJpdSI6IjVlNmVmN2I3NTQ5ZWJiZjVmNTViOTYwYzQwMTNmNWY3Yjk4MDMzMGIwMDlkOTgwMTU0OWNjYmRkZmZhOTkwYjMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 54 KB
54 KB 114ms
73ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVlNmVmN2I3NTQ5ZWJiZjVmNTViOTYwYzQwMTNmNWY3Yjk4MDMzMGIwMDlkOTgwMTU0OWNjYmRkZmZhOTkwYjMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e939c32005bd639882241efd2acf84cd00b2920bd2e7f1b8d8d3305810b10770

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
cache-control: max-age=2142782
last-modified: Thu, 04 Mar 2021 06:41:53 GMT
x-traceid: d12d7fd5b641fee153d0e55e1f56fa9e
timing-allow-origin: *
content-length: 55430
content-type: image/webp

GET
H2 206 eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 0
0 58ms
58ms Media
video/mp4 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.kolotv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
last-modified: Mon, 08 Mar 2021 12:15:04 GMT
content-type: video/mp4
Content-Range: bytes 0-5944974/5944975
cache-control: max-age=1571676
x-traceid: 7c640aa6f6a12fc065602ceff7e22856
timing-allow-origin: *
Content-Length: 5944975

GET
H2 206 eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 34 KB
0 59ms
58ms Media
video/mp4 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://www.kolotv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
last-modified: Mon, 08 Mar 2021 12:15:04 GMT
content-type: video/mp4
Content-Range: bytes 0-5944974/5944975
cache-control: max-age=1571676
x-traceid: 7c640aa6f6a12fc065602ceff7e22856
timing-allow-origin: *
Content-Length: 5944975

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ Frame 2588 1 KB
1 KB 56ms
55ms Script
application/x-javascript 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 22 Mar 2021 22:37:09 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Tue, 23 Mar 2021 22:37:09 GMT

GET
H2 200 clip.js Show response
widgets.outbrain.com/nanoWidget/2000257/module/ 1 KB
1 KB 23ms
22ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000257/module/clip.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9a4408286fb2ee1cc99f58d6bec9830b77402e57b98296c429794fe019757b15

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 15:30:54 GMT
server: AkamaiNetStorage
etag: "f1364d939bcf041cdc9b377aa8c6f0ce:1616342734.76013"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 610

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 145 KB
31 KB 852ms
851ms Script
application/json 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&settings=true&recs=true&widgetJSId=AR_4&key=NANOWDGT01&version=2000257&apv=true&sig=WFz5Fc31&format=html&rand=1386&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=1&scrW=1600&scrH=1200&t=MzVlZjJiZmRiNzhiYzljNGNhZTBkMzg4N2E1MmE4ZjE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=8728-59448&pcer=p%3D3YZOz8lQb7c45FUdVUKu6QHz6HFV88CMkN4w8uyBFWI%26c%3Debcec4d1%26v%3D3&dpr=1&cw=938&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000257/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d0af19e526a90212493d232d2c7898eb258c0cdd3f165da5808f1d6c8c8116a6

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.50
x-cache-hits: 0, 0
x-traceid: 1aef40ec3bdb2a98f3a3e2e7c248995b
content-encoding: gzip
content-length: 31115
x-served-by: cache-mdw17350-MDW, cache-fra19129-FRA
x-timer: S1616452630.686642,VS0,VE829
vary: Accept-Encoding, User-Agent
content-type: application/json; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ Frame 2588 0
528 B 29ms
28ms Image
text/plain 184.25.115.49
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=1436&cs_ucfr=1&ns__t=1616452629727&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1436%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DNL&c9=https%3A%2F%2Fwww.kolotv.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.25.115.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-25-115-49.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 22 Mar 2021 22:37:09 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 206 eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 14 KB
14 KB 232ms
232ms Media
video/mp4 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e409cf43ad402fc1ec1d7103883c9b5da4b44df457fb140586949263b134577a

Request headers

Referer: https://www.kolotv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=5931008-

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
last-modified: Mon, 08 Mar 2021 12:15:04 GMT
content-type: video/mp4
Content-Range: bytes 5931008-5944974/5944975
cache-control: max-age=1571676
x-traceid: 7c640aa6f6a12fc065602ceff7e22856
timing-allow-origin: *
Content-Length: 13967

GET
H3-Q050 200 container.html Show response
10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame A5FA 6 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-37/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 2973
date: Mon, 22 Mar 2021 22:37:09 GMT
expires: Tue, 22 Mar 2022 22:37:09 GMT
last-modified: Thu, 21 Nov 2019 16:01:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176152632151"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
H3-Q050 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 3 KB
2 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

090d644d33110a4e266b3285cc82c98dc82aaf541d2ba96b3ea103983851e190

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 954
date: Mon, 22 Mar 2021 05:48:28 GMT
expires: Tue, 22 Mar 2022 05:48:28 GMT
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
age: 60521
cache-control: public, max-age=31536000
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame A5FA 0
0 57ms
56ms Fetch
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CQO63FRxZYKXnGJLy3wPkgInQBL7L1_pb3rrA0pwMzPKl8PIMEAEg-b_DI2CRhJOF_BegAczyu5oDyAEJqQKSYiPtyQa0PuACAKgDAcgDCKoEqwJP0Bbf_gHJKsTn7CbsG9cld1LptLA5pI4ahTRyVFrSI6BWRxk17HEwX1-O40uCbZICGHRvmV5mkrEOnGHnt5XeZluXwubGLs2J0lLdziRdhAZ3jwtu6hW5NpWyqG-nQKX2FxwUzfAmbARCLNW1yBzDcTZfbWK0HqU9TYEZpEW2WZr-E1N19YqbFI_fZKBDK7xHwuqN8pD_4-CpsKjo3cTgboXl2nkSjeigF1JwhIfJoWlymXpgSH-HbA4JZA4Fg8Q1Jd7SnB-EFL-BUQkE466jtVAZSdlPgDDkgGN4PKDT4c_uR3cgUsa4mIPAn3v3_L24zYR1gjON7dlRc6q_WkvA7OrME64PjHnlAwKmK3YWfXi_IdaDrRuRBsyGeLchli9uYdmttdJQNiu5-MAExfGHusoB4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBi6AB5yNxGWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQzNMS0ggJCIDhgBAQARgdgAoDyAsB2BMMshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=sWBbPerd-ZU&template_id=419&tpd=AGWhJmt_yX6i9sKGO6IKNih9rg3UbQa17LqbaePEq4s2gx-xRw
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/ Frame A5FA 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/abg_lite_fy2019.js

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:28:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 523
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7120
x-xss-protection: 0
server: cafe
etag: 10528220335026403715
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:28:26 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A5FA 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:34:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A5FA 117 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame A5FA 12 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:32:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 266
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5518
x-xss-protection: 0
server: cafe
etag: 4273098417856770931
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:32:43 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DD3 143 B
169 B 7ms
6ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUmniuAybDVJseyFr1_Vrg8W7w3VUdCMdbwRNnuGqtmh4eI_Hh-ncHztSodJY_M
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 22 Mar 2021 22:23:20 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 829
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame A949 9 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:33:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36224
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:33:25 GMT

GET
H3-Q050 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame A949 22 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 12:41:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35715
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Tue, 23 Mar 2021 12:41:54 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame A949 5 KB
1 KB 42ms
28ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:500,600,700&display=swap

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

08e58705c837ab1dfcc72bbcc799e9869c552b74ec9014e92c6030d46547120f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:46:15 GMT
server: ESF
date: Mon, 22 Mar 2021 22:37:09 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
H3-Q050 200 style.css
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 3 KB
2 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/style.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44ae76c378b6d5a0c20e4b555135d7ac006464a06f25768ed1bf3aedc4771b85

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 119105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 886
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.4.1/ Frame A949 86 KB
30 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 11:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41445
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30774
x-xss-protection: 0
last-modified: Mon, 13 May 2019 14:37:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 11:06:24 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A949 113 KB
39 KB 60ms
39ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
H3-Q050 200 animate.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 2 KB
813 B 8ms
8ms Script
application/x-javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/animate.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

506efbbee8f80be9d838832828af391ab50779b77e6b7563ebc3fbab6232c28e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 119105
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 746
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 bg-300x250.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 28 KB
28 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/bg-300x250.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba04baca4cacb8477c8a3f70fe72730b3c924ef953f832532a123c55d0f637ee

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28777
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 sample1.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 14 KB
14 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/sample1.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6ae5d6605213e536035e890569996a75899140fa0d8fb07baa403f89ddff4ab

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14302
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 sample2.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 14 KB
15 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/sample2.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

778a531475defadb43f6a50b34b7262f7ef015168fa37e2f246bd136c46435ec

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14817
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 sample3.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 15 KB
15 KB 11ms
10ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/sample3.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab267ee80894a9dbd9f5a0220b0cb0b64f8326404aeb2630c706ab1fba9d8732

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15725
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 spray.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 9 KB
10 KB 10ms
9ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/spray.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c2a608dc999e9e68667dc7a28aa7a1fc85e580301cddf95329957276d7878a9

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9109
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 logo.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 4 KB
4 KB 10ms
9ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/logo.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c93e8295e26120291c2e4126e665799e13bc3b3ea850294e3b98507879344beb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3612
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 sense.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 2 KB
2 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/sense.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0e585d954e63c15be9039879e6dd17752a67ebb1c55cdda56c2bcdd3f2bb310

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1828
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
H3-Q050 200 arrow.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/ Frame A949 252 B
282 B 8ms
7ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/arrow.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/7329966907555823337/300x250/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

497ea1b8549a749142f96505c5d20b82c62fa5dd51aba06f87c06d0181a52079

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 119106
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 252
x-xss-protection: 0
last-modified: Thu, 24 Sep 2020 12:18:11 GMT
server: sffe
date: Sun, 21 Mar 2021 13:32:04 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 21 Mar 2022 13:32:04 GMT

GET
DATA 200
OK truncated
/ Frame A5FA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f1461b5c49aea93ae05fd14a4d84c75ac47dd7a0a5c0c407875083ea4bc6596

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC90 0
0 225ms
224ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyA-eIz3HSrpdTwKa5ULEFWCnX_UtMpp66Gvpv6xzr5By4t57R6zQ_1DlsJ4Kpi5A_64gVYB2itNM-ZMdRK5bOyq_fggdPdk6CEO3qHJs7sRr836iVBNDJ45WMcFizpUAVJ2TjWtXcV1tqq_IzHSfi0iaEjpGl_DLvG_ql91QkGLnEvbe4oT6KH-r5BWMOs7gm313ZDnm6RDxFxGyO306tr69RNzYBXoVp3Q0iYufSTvRyMqXJSTkjmPkRc-2a1SLq5mXzYmv64TXmke8Wb84zwzZ5rcL0aJPm5WUkJQG_15-48x46TNKn_yQyFORuy2c&sig=Cg0ArKJSzLv8iujgUHwLEAE&adurl=

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame AC90 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 131
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:34:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC90 117 KB
36 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame AC90 0
0 14ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQwivCf2A2iiXM2VZaJyvfIkmiOBpNtWC0KLJ9_0Rcl6oxfZEQCLa7eAsHMLFk7WfHOOT4X-48V4mbyTv-zFSu2mQoqJA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 13951206201273681460
tpc.googlesyndication.com/simgad/ Frame AC90 23 KB
23 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13951206201273681460

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82aa36db963fde3c77d1408d76d2886b8282e5060bd3664b3808a8276e4e6685

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 18:43:50 GMT
x-content-type-options: nosniff
age: 445999
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23173
x-xss-protection: 0
last-modified: Wed, 17 Mar 2021 18:25:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 17 Mar 2022 18:43:50 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame A949 19 KB
19 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_bZF3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 03:11:49 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:13:07 GMT
server: sffe
age: 329121
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19264
x-xss-protection: 0
expires: Sat, 19 Mar 2022 03:11:49 GMT

GET
H3-Q050 200 JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2
fonts.gstatic.com/s/montserrat/v15/ Frame A949 19 KB
19 KB 34ms
20ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v15/JTURjIg1_i6t8kCHKm45_ZpC3gnD_g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Montserrat:500,600,700&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 22:38:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:03 GMT
server: sffe
age: 431941
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19272
x-xss-protection: 0
expires: Thu, 17 Mar 2022 22:38:09 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 25ms
24ms Image
image/png 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
last-modified: Wed, 17 Feb 2021 13:51:00 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1613570897.992119"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Wed, 21 Apr 2021 22:37:10 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 141ms
117ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=d99439a199b383e2a6ec6b72e0b73965_1436_1616452629853&tm=1528&eT=0&widgetWidth=938&widgetHeight=411&widgetX=165&widgetY=3437&wRV=2000257&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: 311ce879b2dcd3cd6f104175e19c7888
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImNhZTQ2ZWJlZDUyZjEzNzQ1NWUxY2JkMjFhZDVlZWMyMDg2NTE4OWI3ZTRmYjBkODM3YjhkYTM0Mjg4NzJlODQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
8 KB 124ms
122ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNhZTQ2ZWJlZDUyZjEzNzQ1NWUxY2JkMjFhZDVlZWMyMDg2NTE4OWI3ZTRmYjBkODM3YjhkYTM0Mjg4NzJlODQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dffadad2ae4b3da15d5531d6c4b70739ed28b27d5502081ffd26a5872709b5f9

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=1809968
last-modified: Wed, 10 Mar 2021 09:52:43 GMT
x-traceid: eadef3df736dc1eb68576410e08fa5a
timing-allow-origin: *
content-length: 7586
content-type: image/webp

GET
H2 200 eyJpdSI6ImJmM2VlZWY0NTEwYTc3OGY2ZTI3Zjg3NGE0NWE0ZmZlNjg1Mjk0NjBiYzM1MWQ1ZWUwYTJjNDZkMWQ0ODU3ZjEiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 40ms
38ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJmM2VlZWY0NTEwYTc3OGY2ZTI3Zjg3NGE0NWE0ZmZlNjg1Mjk0NjBiYzM1MWQ1ZWUwYTJjNDZkMWQ0ODU3ZjEiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6467f0d2a8df19e41b709fc8b15d1f87fa2fd9a29178c8df1e350ef25b101236

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=1918684
last-modified: Mon, 15 Mar 2021 11:00:51 GMT
x-traceid: 64898ebaec9977a3b57fd537223cf618
timing-allow-origin: *
content-length: 8440
content-type: image/webp

GET
H2 200 eyJpdSI6ImNmOTUwNmNmMGFmODNhNmZjYTZiYTU4MDY0MTc2YjYxYTUwOWE1YjFhNGNjYjFkNGE5ZmIwMjIxMmJiNTM2ODciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 10 KB
11 KB 40ms
38ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNmOTUwNmNmMGFmODNhNmZjYTZiYTU4MDY0MTc2YjYxYTUwOWE1YjFhNGNjYjFkNGE5ZmIwMjIxMmJiNTM2ODciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6b10c8ffab6e28fc2399b772a0098cd8112700d7bb742436103da04c41206e18

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=1584911
last-modified: Tue, 09 Feb 2021 22:47:41 GMT
x-traceid: 64459abbf17c77e8326878649c70d02c
timing-allow-origin: *
content-length: 10748
content-type: image/webp

GET
H2 200 eyJpdSI6IjVlNmVmN2I3NTQ5ZWJiZjVmNTViOTYwYzQwMTNmNWY3Yjk4MDMzMGIwMDlkOTgwMTU0OWNjYmRkZmZhOTkwYjMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 188ms
187ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVlNmVmN2I3NTQ5ZWJiZjVmNTViOTYwYzQwMTNmNWY3Yjk4MDMzMGIwMDlkOTgwMTU0OWNjYmRkZmZhOTkwYjMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a8c3dfd82abe71bfaeb68198665498c448a290b1caec42085d2c51377cea728e

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2462378
last-modified: Thu, 04 Mar 2021 06:41:53 GMT
x-traceid: 94060a0ad9bdf7601a2b8cf979545fd5
timing-allow-origin: *
content-length: 7370
content-type: image/webp

GET
H2 200 eyJpdSI6IjM4ZGYxYmFmNTcxYjllZjI1ZWY4MjQ4YzFlNjMzNWU2MGIwZDU5MWJlODgwM2ZhZTRmZTNjNmQzYjAyMGJjYzQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 125ms
124ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4ZGYxYmFmNTcxYjllZjI1ZWY4MjQ4YzFlNjMzNWU2MGIwZDU5MWJlODgwM2ZhZTRmZTNjNmQzYjAyMGJjYzQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bac9e1234aedd314413d116b69f9d184ad8d07919011755ff33aef3ebd309598

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2353968
last-modified: Sat, 20 Mar 2021 07:09:20 GMT
x-traceid: f3f8c96ca31177a32167ffc5172c3ef9
timing-allow-origin: *
content-length: 8098
content-type: image/webp

GET
H2 200 eyJpdSI6ImZkNWE4NTIyYTNmOTY5ZGNlYjM0M2RiMjhmNzUwZGM1NjFjMmRhYmVlYmI0MGYwOGQ4YmY3M2YyNzc5MjljN2YiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 95ms
94ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZkNWE4NTIyYTNmOTY5ZGNlYjM0M2RiMjhmNzUwZGM1NjFjMmRhYmVlYmI0MGYwOGQ4YmY3M2YyNzc5MjljN2YiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fdc9792994fcd0d7ac763eface7b33c658a201bc8d3194f78dc255a80021a003

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2169331
last-modified: Wed, 10 Mar 2021 12:41:07 GMT
x-traceid: 1a57bfca67c8efb68fca485110b0a46a
timing-allow-origin: *
content-length: 8360
content-type: image/webp

GET
H2 200 eyJpdSI6IjFkMjIzYTk4ZWIyMGQ3Yzg5M2FiZjZlZmU1Yzc1NjhmZmMwZmY5ZmU3OGYxM2YyMDYwNWI3YzE4OThiOWU4OGUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 3 KB
4 KB 126ms
126ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFkMjIzYTk4ZWIyMGQ3Yzg5M2FiZjZlZmU1Yzc1NjhmZmMwZmY5ZmU3OGYxM2YyMDYwNWI3YzE4OThiOWU4OGUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b607f51e80933feb76ce2b0a7223dedebf4d1114f9369dd6f5db37803f3c1950

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2461427
last-modified: Thu, 18 Mar 2021 11:07:31 GMT
x-traceid: 15f3b057e632d02e040923f905d2fa61
timing-allow-origin: *
content-length: 3462
content-type: image/webp

GET
H2 200 eyJpdSI6ImExZjJlNmY2NTFjMDQ5NWUwMDVlMDgwMjM1M2VhMTNlMmExYWM4NDRiZmI3YTcwOGU2OWJiZGM4NjcxMGY0MTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 6 KB
6 KB 102ms
101ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImExZjJlNmY2NTFjMDQ5NWUwMDVlMDgwMjM1M2VhMTNlMmExYWM4NDRiZmI3YTcwOGU2OWJiZGM4NjcxMGY0MTciLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: dd1e39dbd30c41bc7198863928a763cf6cb9903c2e2272657ebcde90202b104c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2435021
last-modified: Mon, 22 Mar 2021 13:06:05 GMT
x-traceid: 292c99e97cee207b05c0e68ca71da956
timing-allow-origin: *
content-length: 5726
content-type: image/webp

GET
H2 206 eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
images.outbrainimg.com/transform/v3/ 6 MB
6 MB 42ms
42ms Media
video/mp4 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImVjNTAwOTFhNzBhN2I5YzBjNmQ2YzI3NWVmZGEzZDJjMmFkZTVkZDBjMWRiZDJkNWQ4ZDU4OTM2NzY1NTcyMWMiLCJ3Ijo0NTgsImgiOjQ1OCwiZCI6Mi4wLCJjcyI6MCwiZiI6NX0.mp4
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 23019b6b698d3ce4b77ad89c7ca396c65349efa127aacb8094c81aa2ea2fad4a

Request headers

Referer: https://www.kolotv.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=32768-

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
last-modified: Mon, 08 Mar 2021 12:15:04 GMT
content-type: video/mp4
Content-Range: bytes 32768-5944974/5944975
cache-control: max-age=1571675
x-traceid: 7c640aa6f6a12fc065602ceff7e22856
timing-allow-origin: *
Content-Length: 5912207

GET
DATA 200
OK truncated
/ Frame AC90 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0337f7f92da8c42ebd32e91b62fe9e7aec514948943810082c415f45086f0341

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame AC90 0
0 127ms
71ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyrGz4EykGJPB5MpL1tHc6pOE-j0HfLdfxk7-6oMbnUPBNpVOasjQ5w_KU4izufsfogPTzEiTWRCXu3eer3NuJ5nOUIYpZ-7-mAO0Ni3wI0JpflIk_dUgZLEeM_zGXtvx6_egsq5fpp8JG7jdXIthtkRwRLyZzNjuEoeIDjuP4sjCKTBB-eAuxXhV3ml2mBz0H4iYhAhudiUbPfEOfLU_atCRm3f0Lw7NbUUoXYpJeBAIn79oxcbec7fg6E_ZPBDBuhHTX7G_NUxQWzGzMvwhsSnNV74VIdTFOcr8XCQeC-c3aZBA&sig=Cg0ArKJSzFOBqPFi_4wbEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 1DD3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
156 B

15ms
14ms

Document
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
URL: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: DSID=NO_DATA; IDE=AHWqTUlwWn4afFaErfc6lpK6daET4yfl3t_YWNC_sYePn6xLC5dECEEtoySsFvP_gyw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:37:10 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Mon, 22-Mar-2021 23:37:10 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Mon, 22 Mar 2021 22:37:10 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame C7B1 185 KB
53 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C7B1 12 KB
4 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C7B1 87 KB
27 KB 30ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C7B1 3 KB
1 KB 29ms
16ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame C7B1 40 KB
13 KB 26ms
13ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame C7B1 4 KB
685 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:40:17 GMT
server: ESF
date: Mon, 22 Mar 2021 22:37:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C7B1 2 KB
3 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 21:00:48 GMT
x-content-type-options: nosniff
server: cafe
age: 5782
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:00:48 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C7B1 295 B
388 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1205
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15051748022443081378/ Frame C7B1 17 KB
17 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15051748022443081378/downsize_200k_v1?w=400&h=209

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827886ecf4a189825b8885b151db34a664ed2a91d24bf57d12c3f3adf073ca69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 03:43:22 GMT
x-content-type-options: nosniff
age: 586428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17281
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 13:22:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 03:43:22 GMT

GET
DATA 200
OK truncated
/ Frame C7B1 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C7B1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dbbb1ca9f534d707a0447a75d86048b8e56c4266bed826502b771241101c21a8

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame C7B1 0
0 14ms
13ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaR6j6-eD8h3r_jiUClSVqKgRDYUWWfd21BjZpbtdoavmzYnzM7lHl3YCOLxyD7VyIp18YmIsxs7qLcRP5_H_PNZLaGMoQ
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame C7B1 0
0 58ms
57ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CKLM9FRxZYM22OqeNjuwPuoSOuAyX3pDxYPyygOj1C76K_4DUAhABIPm_wyNgkYSThfwXoAGp7s33AsgBCakCkmIj7ckGtD7gAgCoAwHIAwqqBKkCT9CTLlCLtCNQ7I8dDSHXaTVdfG3KqeExpFnCFV7RTluJUD02zC5thYb7-mI6uuG1MtkTPcUqwl7GAUaAcdKdB0O4tGGa9qxh2iidGTyd4sCcDBxHvVHrkFBCFIbaqRKkcC_6Tgcn-OPV0XfVesyc5cIcs4UqGHb9-0-YCQpwA_daSDXkpAVOkFdu-Cwiq88V9uU-lMKMRS_DJqXyJEEHd3iFR6R5Zv6dO7h9bB0Ue_aDQB5jyHj_AoiVm7e5U418BdzvTBrRg-F3Xw86CW-5g_r39AhBh1926KfDfh08AvgnVgYZas_h83nvACHy70zkJnUmOVvJGDAGUYp6pqGLMOxU_neLJzjdoJBcEvU3z9gOpMzpdaxxpGBlFafHvJ7k5mZWfc8c9zBlwATh7bGNjwPgBAGSBQQIBBgBkgUECAUYBKAGLoAHv5GyiAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQ5uwI0ggJCIDhgBAQARgdgAoDyAsB2BMNiBQHshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=o-Nv8GPmfkc&template_id=5000&tpd=AGWhJmtj6T-JvhEVd5kuwpvIzT0YNtBP1qK2hbtiuleKDb6Q9A
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C7B1 16 KB
16 KB 9ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 14971
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame C7B1 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 13523
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:51:47 GMT

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000257/module/ 23 KB
7 KB 24ms
24ms Script
application/x-javascript 23.218.209.87
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000257/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.209.87 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-209-87.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 567e59224859cbf7b8fd84f7bff0b718114ec0f36bdb00046781bf255938e227

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
last-modified: Sun, 21 Mar 2021 15:30:54 GMT
server: AkamaiNetStorage
etag: "f0a59c3f77848cde962c0e2a8b3cb9c4:1616342750.259161"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
cookie: CheetahStaging=true
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7214

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 118ms
117ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=a3c7aeda74ce985774c1a8fc40d9543f_1436_1616452629954&tm=2017&eT=0&widgetWidth=938&widgetHeight=553&widgetX=165&widgetY=3387&wRV=2000257&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: 5e568fab855e3aac08c81ede503fd2a2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 116ms
116ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=a0b77ef32664213bdf51b4a5c295380a_1436_1616452629990&tm=2036&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=3959&wRV=2000257&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: de679bcdbade4e049cb86d487bdbec05
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 234ms
118ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=0426f9ef80a093d49d5a2e0b1796e33b_1436_1616452630192&tm=2036&eT=0&widgetWidth=938&widgetHeight=399&widgetX=165&widgetY=4332&wRV=2000257&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: a063050ea24c73788cfb5580a058d0c9
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 233ms
117ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=d72175e62a35545d7e08bfbcc4123859_1436_1616452630228&tm=2037&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=4751&wRV=2000257&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: 2a01a200c5f78739bd00ef62d7f6ba77
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 350ms
116ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=4ef039a39a4dabe135ca71b52fd74399_1436_1616452630398&tm=2037&eT=0&widgetWidth=938&widgetHeight=420&widgetX=165&widgetY=5124&wRV=2000257&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: bcb81b9b84f6106b3bd29ae1c80eae3e
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
291 B 350ms
116ms Fetch
text/plain 50.31.142.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=218071cba055e343467915a1f0e46d75_1436_1616452630442&tm=2038&eT=0&widgetWidth=938&widgetHeight=353&widgetX=165&widgetY=5564&wRV=2000257&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
X-TraceId: aaef10b09abbd0bddb753b574fb7c4b
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImJlZDI1ZWY4NWU0OThmZjEyOTlmY2M5MzJmZGU2NzQzOWEyMTBmMDMwZWVhYTEwNGQ3NGQ1OGIzZmIzZTRhOTEiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 1 KB
1 KB 34ms
34ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJlZDI1ZWY4NWU0OThmZjEyOTlmY2M5MzJmZGU2NzQzOWEyMTBmMDMwZWVhYTEwNGQ3NGQ1OGIzZmIzZTRhOTEiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c3f4a047c5ddcce8a03d02d2d271a2edefa6b3fb8996991c4c54e1727b30f92

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=1037525
last-modified: Mon, 30 Nov 2020 15:03:51 GMT
x-traceid: f97eb7219f3e68193f80d32a9c527bd7
timing-allow-origin: *
content-length: 1186
content-type: image/webp

GET
H2 200 eyJpdSI6IjhhODg3OWRiNGM2ZDUzZDJiNjIzNzYxMTBmZTNjYjU4ZGRhNzcyMDU0MTljY2Y4OWI1NWMzODZiNzhiZTkwM2UiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjaCI6MTMyMjk3Mjc5MCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 20 KB
21 KB 25ms
24ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhhODg3OWRiNGM2ZDUzZDJiNjIzNzYxMTBmZTNjYjU4ZGRhNzcyMDU0MTljY2Y4OWI1NWMzODZiNzhiZTkwM2UiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjaCI6MTMyMjk3Mjc5MCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3fd709407b7bbecac1dcf79a310be8dccc53520c08267b34ffae5180e21d0dd

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=796129
last-modified: Wed, 03 Mar 2021 12:31:38 GMT
x-traceid: 868b622279a628d47376266282ddcfcc
timing-allow-origin: *
content-length: 20902
content-type: image/webp

GET
H2 200 eyJpdSI6IjhmNzE1Y2U4MmVlZGYyNGE4NWYxMjI0N2I5NDU1YjY1M2IxNzVmYjU4MTkzYjI0N2JlMWUzN2JhMGEwMGExZGQiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
30 KB 25ms
24ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhmNzE1Y2U4MmVlZGYyNGE4NWYxMjI0N2I5NDU1YjY1M2IxNzVmYjU4MTkzYjI0N2JlMWUzN2JhMGEwMGExZGQiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 067f2c4051177dcb5d0ce0f23483f908696df4266107d662ade53dad5ff099ed

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=364625
last-modified: Thu, 25 Feb 2021 11:38:42 GMT
x-traceid: 5ca3a385e9b73bf09e7c89ab9ab0b479
timing-allow-origin: *
content-length: 30080
content-type: image/webp

GET
H2 200 eyJpdSI6IjM0NzQxNjdiZDE2NWM4YzFmYmVjZWFiY2I0YzJlNDcyOTQ4NWI0NWYzZTIzZWIxYTgzYTJmYzQzM2EwZjJkODkiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 21 KB
22 KB 29ms
28ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM0NzQxNjdiZDE2NWM4YzFmYmVjZWFiY2I0YzJlNDcyOTQ4NWI0NWYzZTIzZWIxYTgzYTJmYzQzM2EwZjJkODkiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19f1166092ba49b09246add6f10cceb1d10a82a25833e725b84b61a2bb573591

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2427721
last-modified: Wed, 03 Mar 2021 14:34:09 GMT
x-traceid: 86907b9ba728524a5840bd0b6a728c59
timing-allow-origin: *
content-length: 21810
content-type: image/webp

GET
H2 200 eyJpdSI6IjdiZTlhOTMyNWQ5M2NiYzU5OWViN2E3YWI4MWRiYjEyYzIwZWZiZGVmMGRhYjc2MDMzMTY3M2MxNzA0ZWE3ZWEiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 23 KB
23 KB 26ms
25ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjdiZTlhOTMyNWQ5M2NiYzU5OWViN2E3YWI4MWRiYjEyYzIwZWZiZGVmMGRhYjc2MDMzMTY3M2MxNzA0ZWE3ZWEiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d11ace69ae46faa358aec111b112cfe20d3da29086219ddd7116deae5191ad7d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2223754
last-modified: Sat, 20 Mar 2021 03:42:10 GMT
x-traceid: 980bab53e08ad1eab516b77036800d74
timing-allow-origin: *
content-length: 23786
content-type: image/webp

GET
H3-Q050 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012101070013000/ Frame E292 185 KB
53 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53820
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "ee5348f2de7cdf64"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E292 12 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4559
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "c3a321a15743f406"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E292 87 KB
27 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27206
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1f991b6a8daa2b14"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E292 3 KB
1 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1376
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "512b909f94eb26fb"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012101070013000/v0/ Frame E292 40 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012101070013000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 33629
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12793
x-xss-protection: 0
server: sffe
date: Mon, 22 Mar 2021 13:16:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "1e3ef417618f7e28"
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 13:16:41 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame E292 4 KB
639 B 14ms
14ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 21:47:38 GMT
server: ESF
date: Mon, 22 Mar 2021 22:37:10 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E292 2 KB
2 KB 6ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 21:00:48 GMT
x-content-type-options: nosniff
server: cafe
age: 5782
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 23 Mar 2021 21:00:48 GMT

GET
H3-Q050 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame E292 295 B
320 B 7ms
6ms Image
image/png 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:17:05 GMT
x-content-type-options: nosniff
server: cafe
age: 1205
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 23 Mar 2021 22:17:05 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/15051748022443081378/ Frame E292 17 KB
17 KB 8ms
8ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15051748022443081378/downsize_200k_v1?w=400&h=209

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

827886ecf4a189825b8885b151db34a664ed2a91d24bf57d12c3f3adf073ca69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 03:43:22 GMT
x-content-type-options: nosniff
age: 586428
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17281
x-xss-protection: 0
last-modified: Fri, 28 Aug 2020 13:22:37 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 16 Mar 2022 03:43:22 GMT

GET
DATA 200
OK truncated
/ Frame E292 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame E292 207 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5d73a8e020a2d7c0c263aa525f792eae75ce5c01bbec439dc02f174c1ded3c64

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E292 0
0 58ms
58ms Image
text/html 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJq9OFhxZYJPjCpux3gON_J74CpfekPFg_LKA6PULvor_gNQCEAEg-b_DI2CRhJOF_BegAanuzfcCyAEJqQKSYiPtyQa0PuACAKgDAcgDCqoEqQJP0KaVnT-sjvqsfsXNR2p0h2IRBq4OTk8ngM_3492Mmo8IZ4VZpgLfBfeTHs4pWsRAEOl1GBl93O2XQ8oT6FaVFljsyL9dgDqphvAnWfIZIFrDtfA83y3QbV7fx791cmkEx56bfai47A--_ysGPxl08uKfMRCzdO7C6Apt-vLk1c3Yyil97vQ_w6izPUTfNqHbAGBh-phN9lXaAW2SAfcZuBi8ggneqwPWvru7TU2dfMzvyOucXBo0aQAQ6UqOC2zdwN0cisELTSqTXzzTnrkdasOeOw9CGX2BCgCfYibLzkJOws4EnNms1y6WD18fO8CnqVvpP6TeYg9SR2LR2lZ3xtoHzCNWMvzb_JqOgx_Phd9dbrw1-1FBG4UFskSz9sW2fPVb-jvPi2HABOHtsY2PA-AEAZIFBAgEGAGSBQQIBRgEoAYugAe_kbKIAagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCy9QjSCAkIgOGAEBABGB2ACgPICwHYEw2IFAeyFxoKGAgAEhRwdWItMDg4MzEyNjcyNTc3MzAyNg&sigh=e-q6bKhsn2k&template_id=5000&tpd=AGWhJmsaJpYH6ogwwZILMG6JGaLgVT3dhG8zXk_QVKbK1L653w
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 172.217.23.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: mil04s23-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E292 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:27:39 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:37 GMT
server: sffe
age: 14971
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15872
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:27:39 GMT

GET
H3-Q050 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ Frame E292 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:809::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.kolotv.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 13523
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 22 Mar 2022 18:51:47 GMT

GET
H2 200 eyJpdSI6IjJlYWIzZWFlMzU5M2FmMDMyMjA1YmY5ODA5MGE1NWRhYTgwNzdlNmRjMTQzN2NiMWJmNWVkMDhhNjQ0OWIyNDMiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 11 KB
11 KB 24ms
24ms Image
image/webp 184.30.25.193
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjJlYWIzZWFlMzU5M2FmMDMyMjA1YmY5ODA5MGE1NWRhYTgwNzdlNmRjMTQzN2NiMWJmNWVkMDhhNjQ0OWIyNDMiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.30.25.193 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-30-25-193.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: c3a6ec5d3f075cd0b2aba277d2f833ec14dcf5d497c02ff0078b8f3a37da9c01

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
cache-control: max-age=2437084
last-modified: Wed, 10 Mar 2021 22:08:32 GMT
x-traceid: 38e5945c64a2b8d3ce4debb0740c756f
timing-allow-origin: *
content-length: 10858
content-type: image/webp

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 9E51 42 B
176 B 45ms
45ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvFMn2Ju2HViavjSMKy0yCr3s4YJz95J5kn4YHcWwqrjCnS_21q8lMNZbdaDmXb2vsqp4MnlNzG0wekprm_0BOF_j8CqtXjBl3O2Lf5JkkL9l4pUDHHHm5hutejTA&sai=AMfl-YSfOhPQDYJsyGkcJQUyxPzygv6euvRKUXoAcUUJHc_ZnkpNxBnXVTpMBWmOQzRwINdUMg3VZy6i96P4JQ0r-PKVeI8HLc85ayhbdqXKW4rWXqY5K9jq40U86YTx&sig=Cg0ArKJSzDydHJDmNJxiEAE&cid=CAASF-RoKGHL1BvQpKBvCLJi9wweW-9rbLel&id=ampim&o=288,1110&d=1024,90&ss=1600,1200&bs=1600,1200&mcvt=1013&mtos=0,0,1013,1013,1013&tos=0,0,1013,0,0&tfs=139&tls=1152&g=100&h=100&tt=1152&r=v&avms=ampa&adk=221821518

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2wttoDSgqk-WcIdo6pxcsGrONkuv-rlHyEnpl3i29xuM-jAkCjYCES6Lio40cmOWa9VGjTun Show response
reconditerespect.com/ 216 B
613 B 62ms
23ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2wttoDSgqk-WcIdo6pxcsGrONkuv-rlHyEnpl3i29xuM-jAkCjYCES6Lio40cmOWa9VGjTun

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

0966f550b700e001df3cc8c7fe9d0459f5bf08e37fad77ec7c58b357b4c911c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 22 Mar 2021 22:37:10 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 670b36ad
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Mon, 22 Mar 2021 22:37:09 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
6 KB 20ms
20ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021031601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4fe79059885c416326a0d985697f81cd6ca1b430270f183f3ddb69351482a38f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6511
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9642 0
0 56ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7x8dihr6gZr3LEya4sa6srkq6nZiumzihhBIjw_fQY8iX7-i57H5vxDWgh3FGBDRIk0gvvxAi_6I4IBoihf3HjEEpD28374kuBPYw4F_pOfLqtiJogkleFCJTm4CxTrNfO4h_-cKdETRewcfGhblmji8E-_3baCRfKULKfw4Udtd5oS_pXWZ5n_y1M0mfY0M7SH0qGbtBr1VfTQO6FP88Cb1pz0bB6oecQy6hP1UA_CZ4igjkfbPFv51HLCHCQWe-e3Sh1RuvQiyA70x3z9y6DqHmTLGZfjRI4kh_PEtBX25ffg&sig=Cg0ArKJSzLP5GHQU_lThEAE&adurl=

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9642 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:34:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9642 117 KB
36 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616176146673399"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36391
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050 200 3941755428487291976
tpc.googlesyndication.com/simgad/ Frame 9642 36 KB
36 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3941755428487291976

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e02b0e2b065184b9f920b0aec11e29b48e6ca5765c81c339474f2b3e09317df4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 11:34:27 GMT
x-content-type-options: nosniff
age: 39763
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37230
x-xss-protection: 0
last-modified: Mon, 16 Nov 2020 13:14:20 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 22 Mar 2022 11:34:27 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
DATA 200
OK truncated
/ Frame 9642 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4dc404f188b7751985401957890adc7df46b814bbd877c4489146aeb1fa92abb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 v2bvq8OmB0Id63qS2OhEVnQoAqBiEMBGoD9051AAqwAoBioibSmMC0xsmH1fZq6zsQouccelP Show response
reconditerespect.com/ 3 B
36 B 37ms
37ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2bvq8OmB0Id63qS2OhEVnQoAqBiEMBGoD9051AAqwAoBioibSmMC0xsmH1fZq6zsQouccelP

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 22 Mar 2021 22:37:10 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
access-control-allow-credentials: true
x-hostname: 670b36ad
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 1A4A 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Mon, 22 Mar 2021 22:23:54 GMT
expires: Tue, 22 Mar 2022 22:23:54 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 796
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9642 0
0 56ms
55ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvdut73zxelYsogFZTp_9qxOJh9oIfaiHyuI3SW2j66rEpGDy9P0F8rey8tH3H0gRZGOZB-Z2m-RhXxXrWNw6D6TPH1fvn-tOZ0qYDgCG-CF7yTtgZOFGHYwul_KFYaLRuga1qux9FLFI1auusrj51bvtnlLYjh8HYy2s-0RhX2UGqSNurPSkfmKUvrhAs8XXLzC4EJyIodfPyEMevwBPf8flNxNJWxK7FF9nd075liQE8dFybJ4azVydwTCQ5c-gdisyldxpMm0Pq8xpcAaX61XjCdeLKKySji6I9hIcE82H837GyI&sig=Cg0ArKJSzLYRGSS0Kx-VEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Mar 2021 22:37:10 GMT

POST
H2 204 /
684dd30a.akstat.io/ 0
202 B 56ms
54ms Other
image/gif 2a02:26f0:7100:1b8::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://684dd30a.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:7100:1b8::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:10 GMT
content-type: image/gif
access-control-allow-origin: https://www.kolotv.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:10 GMT

GET
H3-Q050 200 Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js Show response
pagead2.googlesyndication.com/bg/ Frame 1A4A 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ttnmja7GWy_egJOPMyxoEySbUmHRsVi1cDV04sNKFMM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 21 Mar 2021 19:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 15 Mar 2021 13:45:00 GMT
server: sffe
age: 98621
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5785
x-xss-protection: 0
expires: Mon, 21 Mar 2022 19:13:29 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A5FA 42 B
155 B 47ms
47ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssb2wM-gquoKVdfCTbij1OEXIvlqRAuz5vOjxvM6rWKZS1Mc_iO3YH0-gxG7Kt-Fx8tdUm6w8CGcaFX8VHMG-696newXDKX8uqY-h5FY0FU1PejkjLF8gHt0CHKWSDKxWPKK0fVUayfu-O4G1gALxU7&sai=AMfl-YTOIXXUMHcdcnpsvrbeTX2VuMUlHcpcW3kMTUUXCwzQmvnJhcw8QKUS1b0QjubM_WZsFbfbc2Q5D0W7uFeuYesFsJIsSG0sOSA4aeWN4xWKrCsUwNMuf13G2J0&sig=Cg0ArKJSzIGiD-RwPCXPEAE&cid=CAASF-RoWzUfAHrQKqLehGLFDK5SGZzqjXCj&id=osdim&mcvt=1001&p=400,1135,650,1435&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20210319&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=272910160&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616452629821&dlt=48&rpt=41&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B33 0
0 58ms
56ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssP0kTguMRzGkqf-uSZ3xCJRguMudz99N1pjt5Neg3MB9rRrzedBMHXUPigVopT3tSwtfuH1KOoDcSqUWhq8HQNKLD8GihgCAZArrBv1qLIOJ49mldit-Xksj4Vqfd0y4u4ZSs-iXzP23Mm5nCvXfsyOSNd_W4MerVoBc7sSzTWFan4DBYUOdYv2CYUAZgvuWCrCkvS62CeiUGJkbtxHI-LznPqAsv7fWuoCm7iRnAc9LcM5akin3R0o4szNRTb2afojaqm4JkGKreLgXujld6uaKv6dcvLjvkcK3ugTCTrhAMcGg&sig=Cg0ArKJSzKUVtWR8LzmIEAE&adurl=

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/ Frame 9B33 2 KB
1 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210318/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:34:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 05 Apr 2021 22:34:58 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B33 118 KB
36 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 22 Mar 2021 22:37:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616429061647350"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36559
x-xss-protection: 0
expires: Mon, 22 Mar 2021 22:37:11 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame 9B33 0
0 15ms
14ms Image
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSSGMgyYKxGhx7rO11i-9ItJnVgaZzyeOhKE5LKBD92zesshogf7A2KjnHEpYll5vyeKeFJ00MGpmxSoujyAhOkEzROGQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 873422282404632379
tpc.googlesyndication.com/simgad/ Frame 9B33 37 KB
37 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/873422282404632379

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021031601.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c336b3f966507ec40bbb15ba0c2b734f27536dadbe32a5d2617685c31b18f310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 19 Mar 2021 15:27:11 GMT
x-content-type-options: nosniff
age: 285000
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37749
x-xss-protection: 0
last-modified: Fri, 30 Oct 2020 16:58:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Mar 2022 15:27:11 GMT

GET
DATA 200
OK truncated
/ Frame 9B33 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c3fd94ab257235167854674b6c120cf7346cd81209fb0b9f4e0367e3f3c6bc5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9B33 0
0 62ms
61ms Fetch
image/gif 172.217.23.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvP5cwZr2Qjl8plSwGUJGaRuF1opJufYK81vYcpVTfof70TFvjYJ_1jtWqQihe9XL0o-rHyedWHlerItBFw6hji-_tnNpwRg4QUH-FU3NDbl2vf4mHHWMPvg8IGvlBUdjKcQYyyCI-qSF3h2mphQdoJ7bTuh0tzxS404CLTh5SmnnwWJZBxTQ3kaL1QaPq0Y4KRwJrogGglRAqraAm9Qfg-7o0QdkXCxYXlzBpRUMB51xUa-oTdQOmzUM-FjRrwoL8Sh9d0IjzPZCxY8nZdxVxkfc9AvHDFq50dzAUECwoe6wEbGDOg&sig=Cg0ArKJSzBUNkppszyamEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.23.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil04s23-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 22 Mar 2021 22:37:11 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 22 Mar 2021 22:37:11 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame AC90 42 B
66 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu2MOphYOZYfjNnjwgB_Y32HQL3bt15JJLGy2K9Eqq6_scqXNXc7UsUtyru_4a-S6AWTljKU_jfHohc6ncLf9q-nemC5XWi4KZL8U44BjA&sig=Cg0ArKJSzPGb2zeSGKOTEAE&id=osdim&mcvt=1008&p=99,436,189,1164&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20210319&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=2081050578&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1616452629994&dlt=0&rpt=127&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
46 B 40ms
40ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021031601&jk=1339641517972427&bg=!h4SlhMDNAAbUo7L91KM7ACkAdvg8WmPnhnPkAWL7eU1ufZ2dyQfp_7fEr_5ZqM4xgE6Yrmt87U3wLgIAAADIUgAAAAxoAQcKAWvvuQhFkDGmUqOy8U-_NqBxJeUIClZkGw6C4BH001XZPftV_X5d_gPFfmUtgvKfg2-QtOuyUDvRbiKR4a1OuzAaX7bQcyU4vrSaSDMx3xrLT2RXWhQ9j_VNpZMBwzIGojtc1iIP9uJ5jMAg960tSxiq6hpJFsCdMcTULVrPbV13RIYljZYc6-33879frt-blfugSGU6dzq27_SrQhBF2gBEIfDn2XsMRDjxYCI8tHh49IrMAiTLyq2b8X_6pddi8BEd2XyOKdwDs_kGyH_j1I3D2VeW6OqHjk1JEhoDlPamuTNk8BE7qy3r5tLwD-m5FHN9HV7ZFST3jPYSAVRlbd9t3n-RE7qJLknNLz5eLrVp-eJHionBaSI5fWK9uinvDewYl-EYfAva7hravHTiAr6J-b4duQJHuRuQuszLyJ9zfvecW2u5gQL40-Wx5yzZH8_iA9TMguBVTxL3b5ls4Rc3UWbzZRWPTKhyI5OZAeQ3y0tTW9exrtDjS-ipWk03LiIMENqKLthb9QCC7aIakOEy8UMxkxxdvgmuBs9cGRRpMcykarh7WyTAFejCaKF7eb1NbtMc1Dca1JttIDs71R_0L15wTeGDJJlx--Oc6AGkykOcqtQZS79rSNZx5FbyKbFROn2wrTrWMdcKI9nA5czmGmrWF26t3Iv7GJlwMpbDPx6vy-XEx_2fgDFpbpmqWRKfqswL75ibbwPdzazX-XqS-rtgRJr7p-81cWXPBVGFFnbQ-RW4WUY6mHqvMWSfrAmNbGKExuT3Vh8BLjQ226aVfI0BTxbQROhSBThaD-ZdzPILf3qFsAXdYir_L6V3EfRKb3rxehQ6hz47uGMeuOQMDCZiXU2g00RcnrSOG5HGjyC3Vn3yc1T9NcJPambezsHEts4lDHQUuBhm72PgsAqTP5UjTTYBIxEGsBqkypMJFR09ftfOtFGbD69rmA0QA7Mrz3oHyBN6vRhcwnOnF4xSlNfaMm8sQ9gvItjvamum-cY1IcJ54AmOPfnlebxYe5h_-xAauaacHWdFmAKndPm8uNGaZ2NyiL8V23cDopsi8mBhnB2ui9S6d6vIwV4uL3DekgElmDOJ_-fLC4-r7h6-UnB_eGtAam-OazggORbsJCLB

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 22 Mar 2021 22:37:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2wttoDSgqk-WcIdo6pxcsGrONkuv-rlHyEnpl3i29xuM-jAkCjYCES6Lio40cmOWa9VGjTun Show response
reconditerespect.com/ 197 B
280 B 31ms
31ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2wttoDSgqk-WcIdo6pxcsGrONkuv-rlHyEnpl3i29xuM-jAkCjYCES6Lio40cmOWa9VGjTun

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

3e3a12c0f213f57154740756960fafb1197b7bfd76c98f85845fd490add43f15

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Mon, 22 Mar 2021 22:37:15 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 670b36ad
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 197
expires: Mon, 22 Mar 2021 22:37:14 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api-gray-config-prod.cdn.arcpublishing.com
URL: https://api-gray-config-prod.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=6d050016-d89a-4df0-8121-1490634743bb

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 17:00:56	Name: DSID Value: NO_DATA
.kolotv.com/	1970-01-19 17:00:52	Name: _gat_RMD Value: 1
.kolotv.com/	1970-01-20 10:32:04	Name: _ga Value: GA1.2.119404222.1616452629
www.kolotv.com/	1970-01-20 01:46:28	Name: usprivacy Value: 1---
.kolotv.com/	1970-01-19 17:02:19	Name: _gid Value: GA1.2.238891549.1616452629
.kolotv.com/	1970-01-20 02:22:28	Name: __gads Value: ID=07a7562d76c17342:T=1616452629:S=ALNI_MZDCNZD9Zqvf8o4d_ALS9MESZJsmQ
.kolotv.com/	1970-01-19 17:10:57	Name: RT Value: "z=1&dm=kolotv.com&si=sneylmzkvh&ss=kml65qgj&sl=0&tt=0"
.doubleclick.net/	1970-01-20 02:22:28	Name: IDE Value: AHWqTUkFlhs6GvXOGn-aNBIAY7QhXhHmOZvirmfnBNk0A_QIA5W6L2NgAzc5VQml3yQ
.kolotv.com/	1970-01-19 17:00:56	Name: AKA_A2 Value: A

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=139(Line 22) Message: TypeError: Cannot read property 'gdmHiddenWeather AlertsAlert' of null
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=139(Line 38) Message: TypeError: Cannot read property 'gdmHiddenWeather AlertsAlert' of null [object Object]
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=139(Line 22) Message: TypeError: Cannot read property 'RCTempPreference' of null
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=139(Line 38) Message: TypeError: Cannot read property 'RCTempPreference' of null [object Object]
console-api	error	URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaDrive.js?org=gray(Line 1) Message: [object XMLHttpRequest]
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/
console-api	info	URL: https://cdn.ampproject.org/rtv/012101070013000/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2101070013000 https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10e5f6d1aa91f9324c0db1844ea17d41.safeframe.googlesyndication.com
684dd30a.akstat.io
ad.doubleclick.net
adservice.google.com
adservice.google.de
ajax.googleapis.com
api-gray-config-prod.cdn.arcpublishing.com
c.go-mpulse.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdnjs.cloudflare.com
cds.connatix.com
d1bl11pgu3tw3h.cloudfront.net
d3agakyjgjv5i8.cloudfront.net
do0bihdskp9dy.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gray-kolo-prod.cdn.arcpublishing.com
gray-prod-cdn.video-api.arcpublishing.com
images.outbrainimg.com
log.outbrainimg.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
polyfill.io
reconditerespect.com
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.kolotv.com
api-gray-config-prod.cdn.arcpublishing.com
13.226.155.3
142.250.185.230
151.101.14.132
151.101.2.137
172.217.23.98
18.218.162.22
184.25.115.49
184.30.25.193
23.218.209.87
2600:9000:214f:7600:7:26e8:af40:21
2600:9000:214f:b000:16:e423:f180:21
2600:9000:2182:a00:b:5584:2800:93a1
2606:4700::6810:125e
2a00:1450:4001:801::2001
2a00:1450:4001:802::2006
2a00:1450:4001:808::2004
2a00:1450:4001:809::2002
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:812::200a
2a00:1450:4001:827::2008
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:400c:c00::9b
2a02:26f0:64:699::11a6
2a02:26f0:64::214:84a9
2a02:26f0:64::214:84bc
2a02:26f0:7100:1b8::11a6
2a04:4e42::621
35.201.98.64
50.31.142.95
70.42.32.31
72.247.179.120
0290f0d61a6b94aca37bd874640ee172d86ec3743f3c0a611063036261074f92
02969cced801a7b0a69bbbe7cbb11405447ecf8c0093b195d2ee8a2d339831f2
0337f7f92da8c42ebd32e91b62fe9e7aec514948943810082c415f45086f0341
067f2c4051177dcb5d0ce0f23483f908696df4266107d662ade53dad5ff099ed
0812a00aee80133b732c5cb2e0362ee2a52ae9f50c126d43e73f98163db9711f
089e903e6ef6ae1c3f6a79165ab3fe71da2a94559c9e61b8f665f1754fe906c3
08e58705c837ab1dfcc72bbcc799e9869c552b74ec9014e92c6030d46547120f
090d644d33110a4e266b3285cc82c98dc82aaf541d2ba96b3ea103983851e190
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
0966f550b700e001df3cc8c7fe9d0459f5bf08e37fad77ec7c58b357b4c911c7
0b5601957022db053540ca29a4ca522a11ce749594b9a23a7975db6484a63f4e
0c3fd94ab257235167854674b6c120cf7346cd81209fb0b9f4e0367e3f3c6bc5
0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
194a2819816bb760d4c5ba2ba825cf1926b853c821842697c3024ec74a36f66c
19f1166092ba49b09246add6f10cceb1d10a82a25833e725b84b61a2bb573591
1c3f4a047c5ddcce8a03d02d2d271a2edefa6b3fb8996991c4c54e1727b30f92
1f1461b5c49aea93ae05fd14a4d84c75ac47dd7a0a5c0c407875083ea4bc6596
20839b9461acfafb17ff24fee266d3d68a0980a352a6e6547c98f4d7c601a6aa
226498f13c068bc17f822cbceeb9a8eab0a8b6b851265cb15049d2c911ea967e
23019b6b698d3ce4b77ad89c7ca396c65349efa127aacb8094c81aa2ea2fad4a
24369e1b2461af9dcefecaf9cc93d64cf22a4c5bac32506100b9e21014507bcf
251c4a697ab0a65ce127726a15bd7e36a00f192818f051caa33a312c3ac4cc53
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
28d7903c676c4a89d9db46b2858e37e143823977b622a6a33c1a9caddff857d6
2bafc346d790cb95214543b3f99b58a29e9c020492c68e7121d4dc176463ab9c
2c2a608dc999e9e68667dc7a28aa7a1fc85e580301cddf95329957276d7878a9
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
2f6343345c3dda6edcfd5f4f6cb55455684ab7ed3ac4d918685f5d31e5698e92
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31babfe828a9d98de47ba0d59947c5c4261755c5aa2684c3c4816f642ce0c
39c6822e0ea92ff513bd4f05bca0d0dc8cda31b40b0e241f0606ee35920f532b
3a33e5c564fc0457dfd381a147e5a3af7030082b09b532624ecadf9c3ea0c9a2
3df30ec7b52dc2e3686970df24e7dffadebf11626562c10e5541292aa76e6925
3e3a12c0f213f57154740756960fafb1197b7bfd76c98f85845fd490add43f15
3e6f5ed6f606b1977b5cfbc27cb93692d5add71bfbdeeb65ef44568478f9d802
44ae76c378b6d5a0c20e4b555135d7ac006464a06f25768ed1bf3aedc4771b85
4615f21d85afcb1c72ac9f1c22539a5e5a333f8a6ed0311f3375df2143f7b403
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
486f7b497bdbcd1b0db9bc5999c5c69b74990f09da36e1f11c8696b620057e91
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
497ea1b8549a749142f96505c5d20b82c62fa5dd51aba06f87c06d0181a52079
4c75866b96d0beb84da129fec2f73daa3584d6ec3a1a84bd34c55762be48b1c7
4cb39a10960e1d1b144e566c45c45fcf5a0bca3c8bbc63dd7531a12c252b26e7
4dc404f188b7751985401957890adc7df46b814bbd877c4489146aeb1fa92abb
4e1d09387f62774dbb03e6b7c8404f8ccadb06a747b60571f8f080213820cab9
4ed9e68daec65b2fde80938f332c6813249b5261d1b158b5703574e2c34a14c3
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4fe79059885c416326a0d985697f81cd6ca1b430270f183f3ddb69351482a38f
506efbbee8f80be9d838832828af391ab50779b77e6b7563ebc3fbab6232c28e
54538bd5952904b0e0f4ed69cdec1ee9027c56da1e1752765f00b9997324d2b1
567e59224859cbf7b8fd84f7bff0b718114ec0f36bdb00046781bf255938e227
59b34be2082879fdc13198c72038a8ca3e417c8439444376ec3febab5879c4e1
5c253d12e15e1282c22891fb9efc9c3e385ca5c94a3da50dbd1ea10f9f8bb48d
5cfc2d0c3c6747d61f916efd19ed1ea1e236e65251ab20997729daae478b3e71
5d73a8e020a2d7c0c263aa525f792eae75ce5c01bbec439dc02f174c1ded3c64
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
6467f0d2a8df19e41b709fc8b15d1f87fa2fd9a29178c8df1e350ef25b101236
6493ea407d79518f1a23cd56abf3877cc95cfef289aa2193e09414befa93915b
674ae7d204e318f016258b8c404cf4ef376a7753980a3011bf838711f0f5a6f9
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
6b10c8ffab6e28fc2399b772a0098cd8112700d7bb742436103da04c41206e18
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
778a531475defadb43f6a50b34b7262f7ef015168fa37e2f246bd136c46435ec
7a3c4abb6ca8f9761c4b20b07d62ae84a89839db82a9a94e0b774f062c7838d8
7a4f7634d51ea436198da77bfa71b2b22e42f120d37bce01ed829f391949cd28
7cf137bc0a01ea2210b72d7e9efcfde79caa8ca65f7b9596a67af7f6bb332db6
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
827886ecf4a189825b8885b151db34a664ed2a91d24bf57d12c3f3adf073ca69
82aa36db963fde3c77d1408d76d2886b8282e5060bd3664b3808a8276e4e6685
8319f7e7415f29df55f4ce8ca2bc6abd16a208437621f4a9fe2abe3e627d3d5c
8aaf11dc8b70002bdc056dd380885c041b9eb176e359eefcef80aede65173c3d
911deead0c0ec5c76af07f381c8e918567120df0488208f50b0579afa0b61376
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
95e9fa918827d35322e669ab7af0fba6733453d05c2c1ebf25eb87fe840c6326
965574e97c29813feaa62a0a149731306ee4725e027603b937905375d3121c89
97f9137857e290ec298ca60c6cb654399d487e76c7af56ffa250e642083df989
981f6ac4a0eed80f6a40eef39d86ce7876f6e360d8b3a2f57f2617bb12895dc3
996e982d5f64acc9e257a781247bdaa5f41827045d62b25998b59632d1c5f544
9a4408286fb2ee1cc99f58d6bec9830b77402e57b98296c429794fe019757b15
9d8248f5b03bd6f8594b1bae2c31a007e0d53c110159cda2c912e1274846a649
a1bd0c2f4f5db718b4ffad5433658d98981fbb3479ce8c7a2789406d81d15dd5
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ca38e989906ae1a2fe347bfc54cf9c16b17389cfb876b70c6eee5796b4d25d
a82a748db3c7baaedc4831de101dcd9e5da728eb4530cdef244dc7f5b6744f2b
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a8c3dfd82abe71bfaeb68198665498c448a290b1caec42085d2c51377cea728e
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
ab267ee80894a9dbd9f5a0220b0cb0b64f8326404aeb2630c706ab1fba9d8732
b06d2b65d77197005c4e207dabe446800292578db1e36a4cdb8b519bbe79da79
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b607f51e80933feb76ce2b0a7223dedebf4d1114f9369dd6f5db37803f3c1950
b9b401a5d10a1817be22708d87eebd91c68691c4845ea85d7131e0989cff57ad
ba04baca4cacb8477c8a3f70fe72730b3c924ef953f832532a123c55d0f637ee
bac9e1234aedd314413d116b69f9d184ad8d07919011755ff33aef3ebd309598
bb7cf55d26c62c6d184ec840dd13ddd5c8d05fd54cb1631a8bf27483119df47e
bd27a6044b88e8b876e8eb6df6f9c38a19ed1418207e029ce902cb89b7c32a0b
c336b3f966507ec40bbb15ba0c2b734f27536dadbe32a5d2617685c31b18f310
c3a6ec5d3f075cd0b2aba277d2f833ec14dcf5d497c02ff0078b8f3a37da9c01
c3fd709407b7bbecac1dcf79a310be8dccc53520c08267b34ffae5180e21d0dd
c4024d5169b2506f3421052b45f5d66154de796baf2443d9326ac40107ce5cfb
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c7fa743da4cd37829cd0e7c02e877f094400036be87c8e1fd9d2c3f5f68a8fa5
c87156f914b7b19017ebaf0679a2522f94207e6af259843a8e9bb15a514ef8ce
c8c9960bdc0c3e43d51b515f03f2fe9f653ce05c5ab17d36ad3d934427c95bab
c93e8295e26120291c2e4126e665799e13bc3b3ea850294e3b98507879344beb
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
ced5c873136c4fab4584c0c6d26dcd530c748303d7ed9b7a7966b2fe1d6f5915
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d007b4cae61e031eed68ead89aa8fc5eb4edc2adf8c97870b1e7f587f25f5806
d0af19e526a90212493d232d2c7898eb258c0cdd3f165da5808f1d6c8c8116a6
d10e701c44ab739c7d711b6483def0c6cd47e5a3d04eda1df2c5cbb08f21d81a
d11ace69ae46faa358aec111b112cfe20d3da29086219ddd7116deae5191ad7d
d344632c01d1ca55dc380216de660c9b8a5a3174e7d7afa6784aff50c945e1cc
d5fdcbb882901e1b4ca23af26fb2ef5452f0ad584032a721acacbe50318aab7a
d660da8b95850d124ee0837d7b29b2ae5a5faa9b154c57c9e080b464e8d2b266
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
db34afa538a9eb308d02f25445d57821df12f0176a7b20717781f759ce367bdd
dbbb1ca9f534d707a0447a75d86048b8e56c4266bed826502b771241101c21a8
dcffb88edeff33f2bc55c4d935275c2e7b762a7b4d987369671db79b41fe62b6
dd1e39dbd30c41bc7198863928a763cf6cb9903c2e2272657ebcde90202b104c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dffadad2ae4b3da15d5531d6c4b70739ed28b27d5502081ffd26a5872709b5f9
e02b0e2b065184b9f920b0aec11e29b48e6ca5765c81c339474f2b3e09317df4
e0e585d954e63c15be9039879e6dd17752a67ebb1c55cdda56c2bcdd3f2bb310
e178c522f552e673201e70b7f7b45116b6bc4bd0128ab3cbe957c4ef02274b99
e1f95544a3ad11db58289d96489506e6573af63f5cd3ef81582072d100bdb69b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409cf43ad402fc1ec1d7103883c9b5da4b44df457fb140586949263b134577a
e4ccfffa23ce5cd68fdf4c82f3b114cd983c2a07ed3a453d68a2da0bb4b78725
e86479d6e54449d1085c2149e190a615c6bead407b20bacbcf5852b5d65f1fee
e939c32005bd639882241efd2acf84cd00b2920bd2e7f1b8d8d3305810b10770
eda9563427b71d832ec7d31384d848af0901f05ae3081378ce631e214dcbc741
eea4a3705b3e19174b9f0f127702bfc02cda65dff1f5b25e65f48a9c65ce9a7e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f04784905cbe4e4b4d86d9ebaa7f7180a0ce1b6ae1e6436fc2a6877e309e0f3d
f1e945400c04241ef089d71de3b0cf7e202431ac4685ada318714fe07ee9dcb0
f6ae5d6605213e536035e890569996a75899140fa0d8fb07baa403f89ddff4ab
f818dc0afe64983fd716eba86b7a850160f895c5ee3a6a03538325830f93e7ef
f9c98d151390e22cba4f16ad7c43255528c887efd3a6bdc4783ed1538c7c786d
fc6a361dd5d4a26ab8db109dd02bf6cf256eb13b31993f0da85e33e898bf410c
fdc9792994fcd0d7ac763eface7b33c658a201bc8d3194f78dc255a80021a003

www.kolotv.com Open in urlscan Pro 72.247.179.120 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

207 Requests

100 %HTTPS

66 %IPv6

23 Domains

43 Subdomains

39 IPs

3 Countries

9696 kBTransfer

15081 kBSize

9 Cookies

35 Outgoing links

Redirected requests

207 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kolotv.com Open in urlscan Pro
72.247.179.120 Public Scan

Screenshot
Live screenshot

Full Image

207
Requests

100 %
HTTPS

66 %
IPv6

23
Domains

43
Subdomains

39
IPs

3
Countries

9696 kB
Transfer

15081 kB
Size

9
Cookies

207 HTTP transactions
9 data transactions