www.kolotv.com Open in urlscan Pro
2a02:26f0:6c00::210:ba91 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU...
Submission Tags: falconsandbox
Submission: On August 01 via api (August 1st 2021, 1:47:12 am UTC) from US

Summary HTTP 199 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 25 domains to perform 199 HTTP transactions. The main IP is 2a02:26f0:6c00::210:ba91, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is www.kolotv.com.
TLS certificate: Issued by R3 on June 10th 2021. Valid for: 3 months.

This is the only time www.kolotv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba91	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.129.26 151.101.129.26	54113 (FASTLY) (FASTLY)
15	2a02:26f0:6c0... 2a02:26f0:6c00::210:bb11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:219... 2600:9000:2190:fc00:b:5584:2800:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
5	35.201.98.64 35.201.98.64	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 3	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
2	2a02:26f0:6c0... 2a02:26f0:6c00:2b9::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
20	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
29	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	13.224.96.92 13.224.96.92	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1bb::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	64.202.112.95 64.202.112.95	23352 (SERVERCEN...) (SERVERCENTRAL)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	13.225.87.112 13.225.87.112	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	3.22.136.188 3.22.136.188	16509 (AMAZON-02) (AMAZON-02)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
2	2.16.186.170 2.16.186.170	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:9000:21f... 2600:9000:21f3:c000:1b:7b40:7bc0:21	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.100 13.224.96.100	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:21f... 2600:9000:21f3:e000:16:e423:f180:21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:7000:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
8	50.31.142.63 50.31.142.63	23352 (SERVERCEN...) (SERVERCENTRAL)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 2	95.101.27.37 95.101.27.37	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba19	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2 7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2006	15169 (GOOGLE) (GOOGLE)
199	41

5 2a02:26f0:6c00::210:ba91 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.kolotv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.129.26 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:6c00::210:bb11 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

gray-kolo-prod.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2190:fc00:b:5584:2800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d3agakyjgjv5i8.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.201.98.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.98.201.35.bc.googleusercontent.com

reconditerespect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.137 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00:2b9::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
364bf52c.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.224.96.92 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-92.zrh50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1bb::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.95 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.87.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-112.fra2.r.cloudfront.net

gray-prod-cdn.video-api.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.22.136.188 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-22-136-188.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.170 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-170.deploy.static.akamaitechnologies.com

gray-config-prod.api.cdn.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:c000:1b:7b40:7bc0:21 (United States)

ASN16509 (AMAZON-02, US)

d1d3jupgwm7m5r.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.96.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-96-100.zrh50.r.cloudfront.net

gray.video-player.arcpublishing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e000:16:e423:f180:21 (United States)

ASN16509 (AMAZON-02, US)

do0bihdskp9dy.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:7000:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 50.31.142.63 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com

mcdp-chidc2.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.be	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.27.37 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-27-37.deploy.static.akamaitechnologies.com

trial-eum-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:6c00::210:ba19 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

trial-eum-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	315 KB
30	outbrainimg.com tcheck.outbrainimg.com log.outbrainimg.com images.outbrainimg.com	908 KB
24	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	216 KB
21	outbrain.com widgets.outbrain.com widget-pixels.outbrain.com odb.outbrain.com mcdp-chidc2.outbrain.com mv.outbrain.com	175 KB
19	arcpublishing.com gray-kolo-prod.cdn.arcpublishing.com gray-prod-cdn.video-api.arcpublishing.com gray-config-prod.api.cdn.arcpublishing.com gray.video-player.arcpublishing.com	567 KB
8	google.com 2 redirects adservice.google.com www.google.com	1 KB
6	googletagservices.com www.googletagservices.com	214 KB
6	cloudfront.net d3agakyjgjv5i8.cloudfront.net d1d3jupgwm7m5r.cloudfront.net do0bihdskp9dy.cloudfront.net	290 KB
5	ampproject.org cdn.ampproject.org	101 KB
5	scorecardresearch.com 1 redirects sb.scorecardresearch.com	5 KB
5	reconditerespect.com reconditerespect.com	36 KB
5	kolotv.com www.kolotv.com	388 KB
4	akamaihd.net 2 redirects trial-eum-clientnsv4-s.akamaihd.net kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net trial-eum-clienttons-s.akamaihd.net fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net	1 KB
4	connatix.com 1 redirects cd.connatix.com cds.connatix.com capi.connatix.com	245 KB
3	gstatic.com www.gstatic.com fonts.gstatic.com	54 KB
3	google-analytics.com www.google-analytics.com	19 KB
3	cloudflare.com cdnjs.cloudflare.com	99 KB
2	go-mpulse.net s.go-mpulse.net c.go-mpulse.net	52 KB
2	googletagmanager.com www.googletagmanager.com	78 KB
1	2mdn.net s0.2mdn.net	23 KB
1	googleapis.com fonts.googleapis.com	1 KB
1	akstat.io 364bf52c.akstat.io	202 B
1	google.be adservice.google.be	853 B
1	adsafeprotected.com static.adsafeprotected.com	480 B
1	polyfill.io polyfill.io	588 B
199	25

	Domain	Requested by
35	tpc.googlesyndication.com	328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.kolotv.com
28	images.outbrainimg.com	www.kolotv.com
20	securepubads.g.doubleclick.net	www.kolotv.com securepubads.g.doubleclick.net www.googletagservices.com
15	gray-kolo-prod.cdn.arcpublishing.com	www.kolotv.com gray-kolo-prod.cdn.arcpublishing.com
9	widgets.outbrain.com	www.kolotv.com widgets.outbrain.com
8	mcdp-chidc2.outbrain.com	widgets.outbrain.com
7	www.google.com	2 redirects 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
6	www.googletagservices.com	securepubads.g.doubleclick.net 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	sb.scorecardresearch.com	1 redirects www.kolotv.com widgets.outbrain.com
5	reconditerespect.com	www.kolotv.com reconditerespect.com
5	www.kolotv.com	www.kolotv.com
4	d3agakyjgjv5i8.cloudfront.net	www.kolotv.com d3agakyjgjv5i8.cloudfront.net
3	googleads.g.doubleclick.net	www.kolotv.com 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
3	328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	cdnjs.cloudflare.com	www.kolotv.com cdnjs.cloudflare.com
2	fonts.gstatic.com	fonts.googleapis.com
2	gray-config-prod.api.cdn.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
2	odb.outbrain.com	widgets.outbrain.com
2	cds.connatix.com	www.kolotv.com cd.connatix.com
2	www.googletagmanager.com	www.kolotv.com www.googletagmanager.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	www.gstatic.com	328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
1	fonts.googleapis.com	328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
1	fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net
1	trial-eum-clienttons-s.akamaihd.net	1 redirects
1	kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net
1	trial-eum-clientnsv4-s.akamaihd.net	1 redirects
1	364bf52c.akstat.io	s.go-mpulse.net
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.be	securepubads.g.doubleclick.net
1	mv.outbrain.com	widgets.outbrain.com
1	static.adsafeprotected.com	www.kolotv.com
1	do0bihdskp9dy.cloudfront.net	www.kolotv.com
1	gray.video-player.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	d1d3jupgwm7m5r.cloudfront.net	www.kolotv.com
1	capi.connatix.com	cd.connatix.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	gray-prod-cdn.video-api.arcpublishing.com	d3agakyjgjv5i8.cloudfront.net
1	log.outbrainimg.com	widgets.outbrain.com
1	c.go-mpulse.net	s.go-mpulse.net
1	widget-pixels.outbrain.com	www.kolotv.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	s.go-mpulse.net	www.kolotv.com
1	cd.connatix.com	1 redirects
1	polyfill.io	www.kolotv.com
199	48

This site contains links to these domains. Also see Links.

Domain
gray.tv
www.graytvlocal.com
www.fullcourtgreta.com
www.circleallaccess.com
www.graydc.com
www.investigatetv.com
www.vuit.com
www.facebook.com
www.instagram.com
www.twitter.com
washoesheriff.com
www.washoesheriff.com
ag.nv.gov
detr.nv.gov
www.happy-landing.net
6f2dd3.llsdzktnxwnnr.com
track.netofclicks.nl
veration-cellyric.com
www.tipsenweetjes.nl
code41watches.com
boiteascoop.com
trytech.me
www.outbrain.com
wearesearch.site
guard.io
c04a87.llsdzktnxwnnr.com
rfvtgb.history10.com
constative.com
www.dailybreak.co
wistjijdit.nl
publicfiles.fcc.gov
webpubcontent.gray.tv

Subject Issuer	Validity	Valid
gray.cdn.arcpublishing.com R3	`2021-06-10` - `2021-09-08`	3 months	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020	`2021-06-04` - `2022-07-06`	a year	crt.sh
*.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2020-11-27` - `2021-12-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.outbrain.com DigiCert SHA2 Secure Server CA	`2021-05-25` - `2022-06-01`	a year	crt.sh
reconditerespect.com R3	`2021-07-17` - `2021-10-15`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
akstat.io DigiCert SHA2 Secure Server CA	`2021-06-08` - `2022-06-13`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
*.outbrainimg.com DigiCert SHA2 Secure Server CA	`2021-05-04` - `2022-05-09`	a year	crt.sh
*.scorecardresearch.com Amazon	`2021-02-28` - `2022-03-29`	a year	crt.sh
*.video-api.arcpublishing.com Amazon	`2020-09-01` - `2021-10-01`	a year	crt.sh
*.api.cdn.arcpublishing.com Entrust Certification Authority - L1K	`2020-01-17` - `2022-04-16`	2 years	crt.sh
*.video-player.arcpublishing.com Amazon	`2021-02-13` - `2022-03-14`	a year	crt.sh
static.adsafeprotected.com Amazon	`2020-10-03` - `2021-11-03`	a year	crt.sh
*.google.be GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
a248.e.akamai.net DigiCert Secure Site ECC CA-1	`2020-07-15` - `2021-09-13`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-07-05` - `2021-09-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-07-05` - `2021-09-27`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-06-28` - `2021-09-20`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Frame ID: 8AA64EAA8F0AC3C69179944367203BDE
Requests: 113 HTTP requests in this frame

Frame: https://cds.connatix.com/p/125229/connatix.playspace.dc.js
Frame ID: D2F43B5858A4479B427413C59F512895
Requests: 2 HTTP requests in this frame

Frame: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Frame ID: 6C65EE6BF3A1EB22F03083934E3FE395
Requests: 4 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Frame ID: 07DBAC291D0C95B6724B4C0442D4583A
Requests: 2 HTTP requests in this frame

Frame: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Frame ID: 1A527B75DF96A2B88A840F86952F8CB7
Requests: 3 HTTP requests in this frame

Frame: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: DD29A50227FE47FD1A410993563B7522
Requests: 1 HTTP requests in this frame

Frame: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F5671942B4A01FB2E5B3F9336AA4FE56
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 993CF54C05D6DADF1F50EE6E1C380E46
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4C76B35549C9431EB186B5DA94F98136
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022107200040000/amp4ads-v0.mjs
Frame ID: F40BBE115C5A0B488E386D1BE1FE2649
Requests: 13 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5sDeVJgq3hCcsvNSGrFKr5JX1xdRrfyGdJsNyiGYraKKX4FNiGETHlMQW7Bwvch2KZUbr9TceS8Q4E0-vJfLFzF7wwgvzVLYEnawNNeLp3Pk3wupEko-9JrNjJnbg5Z8kXCwsTSS3h-mT7B4NwhjJVXWPp-_dSokqSNg0FtC4SZTlXecseSmiusyCaVrwYkMu9eewnF-bvr47ycSBRpQUKp3buW8aCVeJ1HFKNyj0ON4QZsWrZSr1t2W7-xMyQpjKPbupCDP6LS2wMdGMS8olZhp1iTANVIFjEnt3DwKHRwUE5wm8gHTQKfbx4qPFvVwc3lJD41_JlA&sai=AMfl-YRlE4oEb_pD-IqxbkCb6khxjaMh2dMrnz3AnKmGfdYqFULT-S8xB35OVs_pgpSVuyw3ff1cxI49etQKMpswUs6ao-cgvTKi-VNN4BcHc0TujeUD9B6uZxIuI9WsZk4&sig=Cg0ArKJSzL-bprmBca4NEAE&adurl=
Frame ID: 07DC939528D44F47C0C4DC9A1CE054B1
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3CNnbrm9BOlt0zGbQ-WGtI3ik178mndT0Mk4_iJXzYFW4qOVAzaaCUhedBKfrZJbkr-0n1_86MAWyaTl5whh59fxnPm0jZ4iC2TlftMN-Ymbhxqx9KEkeO1zReX5F6K_ZCiT88UXt-nhGGy00VZMAjiLGjooPTOg0qVXwZiIQjoeSIIdCxZHdH1RtjqWEAjofRphPSKsT0pVKciMqYWFOFuLV_k5E34-Y6HlYIWweNhNqd7Bx7ji_Mt630CKcltXjBTljQ9274gznciR_3a19CBHwdCE_gXoof7x8L0actI22UjZ7w2saF8GxQOY_kTaxDu8dkbC9Uw&sai=AMfl-YS_Ffjq5ukc8iYpA1d4Z2nAQnPHGI135aduShCpSzsCiXRkjcJetXsXZ2BRhjbFoFo7tIfOcd7QfhutH8-BkJqc4kfrHSOgYI1k0u3T8Y_FLYMoZig4Q-Ayt1DRnj8&sig=Cg0ArKJSzFArizOlwCSVEAE&adurl=
Frame ID: 69DE1010E5A0BBAA96283C6DA2BEC67C
Requests: 7 HTTP requests in this frame

Frame: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 34B64AD43CCE06EB7372C6D436CAA8CE
Requests: 8 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html
Frame ID: 5A81CD6A67C71F165BD70AEBD8F5DCE2
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 04A56684F9C51FF688AE4489AB789756
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdNAE2rGmSSAdIw-vWwiWA9HE6mdItNtKGK1n3Dg5jOKs7eED-YPxQQNKPs4_M_WLzvzT3oFzx9p_XA0_kJ_saL-rxRcv3jdAn0hogQvlakHDdTjAY3DtScYGZafTqPPuH6JRNbOhMtVNxK4YlXZ9ZptRHzfUJLeil6mIBAbidHnUg7U-Fh5CFdHZzeHxjCj_vghQRfdhaR4PAJ7M6MAWkaqj597HHjVw4T_7WG1QoGUCGK_tdwJvqHtjdxpr7JPOAeMx2sIUN6xANo3NsxzhBgenovoHRaNItpef_Z9s5J7cojg86wAcc&sai=AMfl-YSnMgbYl20OV3RmPQF1WHRbig0opbymeKKeYZ0HFQNY0AyOSgYOddW8uND8IV0oOP_f2ba2GECwtDKs1DzpT5m2sgYF9yy7IUO3QNfD-kSbpxeuhQIV2Sp4a5mwcfw&sig=Cg0ArKJSzF_NTaGqnGd3EAE&adurl=
Frame ID: 60D5544D634BED7CD478C9BAB79B3F93
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Lua (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

OpenResty (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /openresty(?:\/([\d.]+))?/i

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /react.*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/polyfill\.min\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

199
Requests

100 %
HTTPS

63 %
IPv6

25
Domains

48
Subdomains

41
IPs

3
Countries

3790 kB
Transfer

8856 kB
Size

6
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://gray.tv/careers#currentopenings
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.graytvlocal.com/market/reno-nv
Title: Open for Business

Search URL Search Domain Scan URL

URL: https://www.fullcourtgreta.com/
Title: Full Court Press with Greta Van Susteren

Search URL Search Domain Scan URL

URL: http://www.circleallaccess.com/
Title: Circle - Country Music & Lifestyle

Search URL Search Domain Scan URL

URL: https://www.graydc.com/
Title: Gray DC Bureau

Search URL Search Domain Scan URL

URL: https://www.investigatetv.com/
Title: Investigate TV

Search URL Search Domain Scan URL

URL: https://www.vuit.com/live/12761/kolo/vod
Title: Latest Newscasts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/kolotv

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kolo8newsnow

Search URL Search Domain Scan URL

URL: https://www.twitter.com/KOLO8

Search URL Search Domain Scan URL

URL: https://washoesheriff.com/sub.php?page=begin-report
Title: WCSO is taking identity theft reports online

Search URL Search Domain Scan URL

URL: https://www.washoesheriff.com/resources/files/pr_files/2000087_XTYC.pdf
Title: in English

Search URL Search Domain Scan URL

URL: https://www.washoesheriff.com/resources/files/pr_files/2000087_jIyj.pdf
Title: in Spanish

Search URL Search Domain Scan URL

URL: http://ag.nv.gov/uploadedFiles/agnvgov/Content/Complaints/2019-06-05_AG_COMPLAINT_FORM2.pdf
Title: encouraged to file a complaint online

Search URL Search Domain Scan URL

URL: https://detr.nv.gov/Page/DETR_Unemployment_Insurance_Fraud_Reporting_Form
Title: a Fraud Reporting Form on DETR’s website

Search URL Search Domain Scan URL

URL: https://www.happy-landing.net/fr/hygiene-far-west-31097?utm_source=outbrain&utm_medium=cpc&utm_campaign=002706e5399b3fe1c4d2560978ca85b781&utm_term=$publisher_name$-$section_name$&utm_content=%5BPhotos%5D+Ces+pratiques+r%C3%A9pandues+au+Far+West+d%C3%A9montrent+%C3%A0+quel+point+l&obOrigUrl=true
Title: [Photos] Ces pratiques répandues au Far West démontrent à quel point… Happy Landing

Search URL Search Domain Scan URL

URL: https://6f2dd3.llsdzktnxwnnr.com/?subid1=$section_name$&adtitle=Hoeveel+kost+het+om+een+badkamer+te+verbouwen+in+2021%3F+De+prijzen+kunn&subid3=$section_id$&site=$publisher_name$_$section_name$&network=outbrain&OutbrainClickId=$ob_click_id$&subid4=ar-be-d-bath6nl-33154-b0907-ob-sm&kw1=Badkamer+Renovatie+{City}&kw2=Totale+Renovatie+Badkamer&kw3=Renovatie+Badkamer+Prijs&kw4=Hoeveel+Kost+Een+Inloopdouche&kw5=Kosten+Badkamer+Verbouwen&kw6=Help+5000+Euro+Badkamer&backfill=0&obOrigUrl=true
Title: Hoeveel kost het om een badkamer te verbouwen in 2021? De prijzen kunnen u… Badkamer verbouwen | Zoek advertenties

Search URL Search Domain Scan URL

URL: https://track.netofclicks.nl/1315369c-c721-47c9-9975-2db67d01fe7f?sbtag=SB000000001356305&utm_source=outbrain&ad_title=Steeds+meer+senioren+laten+een+traplift+plaatsen+om+niet+te+hoeven+ver&ad_id=0015ce764126b53fc448f56aff5841e36e&section_name=$section_name$&publisher_name=$publisher_name$&publisher_id=$publisher_id$&obclid=$ob_click_id$&obOrigUrl=true
Title: Steeds meer senioren laten een traplift plaatsen om niet te hoeven verhuizen Beter Huis Beter Leven

Search URL Search Domain Scan URL

URL: https://veration-cellyric.com/a620cb43-d7c2-4789-aef2-2fc48bce87a7?campaign_id=00b33b56db28a49b903bc1c5e8913b8d59&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=008d0e9d79426740eb812d837ace9cff26&ad_title=Vous+pouvez+faire+tout+ce+que+vous+voulez+dans+ce+jeu&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=008d0e9d79426740eb812d837ace9cff26&clickid=$ob_click_id$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Vous pouvez faire tout ce que vous voulez dans ce jeu Raid : Shadow Legends

Search URL Search Domain Scan URL

URL: https://www.tipsenweetjes.nl/lifehacks/vingers-kunnen-zoveel-persoonlijkheid-vertellen-welke-vingers/?utm_campaign=l3uezrch&utm_medium=native&utm_source=outbrain&utm_term=p$publisher_id$|$publisher_name$|$section_name$&utm_content=00a2bd0621b65f77481be2af8a33ad0361&obOrigUrl=true
Title: Welke vingers heb jij? Dit betekent het! Tips en Weetjes

Search URL Search Domain Scan URL

URL: https://code41watches.com/nl/mechanical-watch-fraction-usual-price-swiss-start-taken-challenge/?utm_campaign=outbrain&utm_source=nl_be_dtp_broad_halfprice_native_outbrain_2021_07&utm_medium=3762&utm_content=$section_id$_$section_name$&obOrigUrl=true
Title: Eindelijk, een Zwitsers mechanisch horloge tegen een onverslaanbare prijs CODE41 Watches

Search URL Search Domain Scan URL

URL: https://boiteascoop.com/trending/waar-wonen-deze-bners-en-hoe-ziet-hun-woonsituatie-er-van-dichtbij-uit-outbrain-linda-de-mol?utm_source=outbrain&utm_campaign=008e212d337db2475a4486eb073c06845b&utm_medium=$section_name$__$section_id$&utm_term=%5BFotos%5D+Op+56-jarige+leeftijd+woont+Linda+de+Mol+%E2%80%8B%E2%80%8Bin+dit+huis&ts=$time_stamp$&tbv=$cpc$&pcl=1&obOrigUrl=true
Title: [Fotos] Op 56-jarige leeftijd woont Linda de Mol in dit huis Boite A Scoop

Search URL Search Domain Scan URL

URL: https://trytech.me/view/3nXCsULpyfnawr9QdFw8czSCtX2G8k1sOlqD1u4WmXhSalSDQs?c=36944&pid=4443&tid=$ob_click_id$&ob_marketer=Fresquito_ES&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=007412b7bb68d92e9ca075a6a24322e107&ob_timestamp=$time_stamp$&ob_platform=WAP&ob_campaign_id=00a27347652f21f0564aa59550ce7c09b3&ob_doc_title=Les+meilleurs+m%C3%A9decins+recommandent+maintenant+une+nouvelle+merveille+&site=Web30_$publisher_name$_$section_name$_007412b7bb68d92e9ca075a6a24322e107&ob_marketer_id=00348118074191a02fde62adb9a63c55b1&obOrigUrl=true
Title: Comment réduire les douleurs articulaires et l'arthrose en un geste quotidien ! healthyday.online

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://wearesearch.site/view/gRbeCcNoS2kmors9AgfMcjxscypzMgU0VkEg8Y30VAk?c=37248&pid=4443&tid=$ob_click_id$&ob_marketer=BP_Web&ob_publisher_id=$publisher_id$&ob_section_id=$section_id$&ob_ad_id=0086dd20f0d84b7ac649b48dc57dc89645&ob_timestamp=$time_stamp$&ob_platform=WEB&ob_campaign_id=00a7ff260801c6cb33eeb5d9462321c2da&ob_doc_title=Next+Generation+CBD+Gummies&site=GumTier1WebCPA_$publisher_name$_$section_name$_0086dd20f0d84b7ac649b48dc57dc89645&mavcid=MANAGERCAMPAIGNID&ob_marketer_id=00f5d457b2d6ad1e8084e2e65f4e55c1f1&obOrigUrl=true
Title: Doctors Baffled: Simple Tip Relieves Years of Joint Pain (Try Tonight)

Search URL Search Domain Scan URL

URL: https://guard.io/lp?utm_source=outbrain&utm_campaign=eu_platforms&utm_term=$publisher_name$_$section_name$&utm_content=00c8a8fd557cac496e5471e8611c501def&obclid=$ob_click_id$&obOrigUrl=true
Title: Chrome Users? Try this Free New Security Tool

Search URL Search Domain Scan URL

URL: https://veration-cellyric.com/f05d4c92-b7d9-44b2-905a-59bc1f875134?campaign_id=00b33b56db28a49b903bc1c5e8913b8d59&publisher_id=$publisher_id$&publisher_name=$publisher_name$&ad_id=00f07b6ac47dd42b01720b2d0247bea6e1&ad_title=Si+vous+avez+plus+de+30+ans+et+poss%C3%A9dez+un+ordinateur%2C+ce+jeu+est+pour&section_id=$section_id$&section_name=$section_name$&req_id=$req_id$&promoted_link_id=00f07b6ac47dd42b01720b2d0247bea6e1&clickid=$ob_click_id$&cpc=$cpc$&ob_click_id=$ob_click_id$&obOrigUrl=true
Title: Si vous avez plus de 30 ans et possédez un ordinateur, ce jeu est pour vous

Search URL Search Domain Scan URL

URL: https://c04a87.llsdzktnxwnnr.com/?subid1=$section_name$&adtitle=Elektrische+auto%27s+van+2020+beschikbaar+in+2021+-+de+prijzen+zullen+u+&subid3=$section_id$&site=$publisher_name$_$section_name$&network=outbrain&OutbrainClickId=$ob_click_id$&subid4=ar-be-d-elca8nl-36480-b0907-ob-sm&kw1=Beste+Electrische+Autos&kw2=Volledig+Elektrische+Autos&kw3=20+Elektrische+Autos+Die+U+Zich+Kunt+Veroorloven&kw4=Onverkochte+Elektrische+Autos+Uit+2020+Die+Voor+Een+Fractie+Van+Hun+Waarde+Worden+Verkocht&kw5=Prijzen+Elektrische+Autos+2021&kw6=Hybride+En+Elektrische+Auto+Aanbiedingen&backfill=0&obOrigUrl=true
Title: Elektrische auto's van 2020 beschikbaar in 2021 - de prijzen zullen u verbazen

Search URL Search Domain Scan URL

URL: https://track.netofclicks.nl/7ad5accf-277c-49a9-a28e-e366ee875835?sbtag=SB000000001353967&utm_source=outbrain&ad_title=Inwoners+van+Vlaanderen+mogen+bijna+kosteloos+zonnepanelen+installeren&ad_id=0049151e05d1d6323da200f752e88d2192&section_name=$section_name$&publisher_name=$publisher_name$&publisher_id=$publisher_id$&obclid=$ob_click_id$&obOrigUrl=true
Title: Inwoners van Vlaanderen mogen bijna kosteloos zonnepanelen installeren

Search URL Search Domain Scan URL

URL: https://rfvtgb.history10.com/worldwide/canal-a-paris-kilo-fr?utm_medium=outbrain&utm_source=outbrainjk&utm_campaign=hy-canal-des-4b-yy-05031d&utm_term=$section_name$&obOrigUrl=true
Title: [Gallerie] Lorsqu'ils vident un canal après 200 ans, un lourd silence s'installe History10

Search URL Search Domain Scan URL

URL: https://constative.com/lifestyle/the-most-outrageous-wedding-dresses-ob-is/?utm_source=outbrain&utm_term=$publisher_name$&utm_medium=00d6898712a7aebb74c1a7789f524f6700&utm_content=$section_id$&utm_campaign=con-ob-eur-d-funweddress_is-cpc_int20_exp_dup3_04.06.20&obOrigUrl=true
Title: [Pics] We Bet These Grooms Were Surprised To See Their Bride's Wedding Dress Constative

Search URL Search Domain Scan URL

URL: https://www.dailybreak.co/158815?utm_source=obr&utm_campaign=00dff6c9049dc98100841c6b43f206cfb6&utm_medium=referral&utm_term=$publisher_name$_$section_name$&utm_content=00acc094d4703847fb504bc4d391cabb1e&s_id=$section_id$&cl=$ob_click_id$&obOrigUrl=true
Title: [Galerie] Des plongeurs trouvent un vieil appareil photo - quand ils voient les clichés, ils sont choqués DailyBreak

Search URL Search Domain Scan URL

URL: https://wistjijdit.nl/schoonmaken/doekje-azijn-toilet/?utm_campaign=NLOdoekjeazijnBECPAfully&utm_medium=native&utm_source=outbrain&utm_term=$section_id$|$publisher_name$|$section_name$&utm_content=00ebdfc9f6798507ed38144d829561e55a&tf=true&obOrigUrl=true
Title: Leg eens een doekje met azijn in je toilet en kijk wat er gebeurt! Wist jij dit?

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kolo-tv
Title: Public Inspection File

Search URL Search Domain Scan URL

URL: https://webpubcontent.gray.tv/gdm/fcc/kolo-fcc_applications.pdf
Title: FCC Applications

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/kolo-tv/equal-employment-opportunity-records/additional-documents/eeo-public-file-reports/1626f10a-1a81-4928-8243-b4ba52a849c6/
Title: EEO Statement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/125229/connatix.playspace.dc.js

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&c9=

Request Chain 117

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pljeb6qyy HTTP 302
https://kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net/eum/results.txt

Request Chain 118

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pljeb6qyy HTTP 302
https://fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net/eum/results.txt

Request Chain 150

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 194

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

199 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/ 229 KB
43 KB 933ms
775ms Document
text/html 2a02:26f0:6c00::210:ba91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

4073b04164cb9a10531daa3169ea0819ccb5045921c1dbb44e4dd427eaf27616

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:method: GET
:authority: www.kolotv.com
:scheme: https
:path: /2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
server: openresty
content-encoding: gzip
etag: W/"3850a-+Z+TJcSM+qbO7/9/bb6rckagVd0"
last-modified: Sun, 01 Aug 2021 01:46:47 GMT
vary: Accept-Encoding
x-akamai-transformed: 9 41087 0 pmb=mRUM,2
cache-control: private, max-age=60
expires: Sun, 01 Aug 2021 01:47:47 GMT
date: Sun, 01 Aug 2021 01:46:47 GMT
set-cookie: AKA_A2=A; expires=Sun, 01-Aug-2021 02:46:47 GMT; path=/; domain=kolotv.com; secure; HttpOnly
server-timing: cdn-cache; desc=REVALIDATE edge; dur=434 origin; dur=330
link: <https://polyfill.io>;rel="preconnect",<https://gray-kolo-prod.cdn.arcpublishing.com>;rel="preconnect",<https://www.googletagmanager.com>;rel="preconnect",<https://static.adsafeprotected.com>;rel="preconnect"
content-security-policy: upgrade-insecure-requests

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
588 B 311ms
20ms Script
text/javascript 151.101.129.26
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=NodeList.prototype.forEach%2CArray.prototype.forEach%2CSymbol.hasInstance%2Ces6%2CIntl%2ClocalStorage%2CDate.prototype.toISOString%2CDate.now%2Cdefault%2CObject.entries%2CArray.prototype.entries

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.129.26 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 248728
detected-user-agent: Chrome Mobile/89.0.4389
server-timing: MISS-CLUSTER, fastly;desc="Edge time";dur=30, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length: 89
referrer-policy: origin-when-cross-origin
last-modified: Wed, 28 Jul 2021 17:22:41 GMT
date: Sun, 01 Aug 2021 01:46:47 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/89.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 react.js Show response
www.kolotv.com/pf/dist/engine/ 610 KB
142 KB 13ms
11ms Script
application/javascript 2a02:26f0:6c00::210:ba91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/pf/dist/engine/react.js?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

9cbabd2665634e98958e83026d79f365ba93df9876c50f2f197388bc13a15d25

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /pf/dist/engine/react.js?d=183
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kolotv.com
referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: DMVQD1ZRJW6PJY6V
etag: W/"9958eb5b6cb5ff0e2bb38298bfee8329"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 144523
x-amz-id-2: Pg1C9vs09Fl4yDfRIG+L7zPyScrWeXTZx88rkhm/Z1vtWBCeE5Xo0BFrLDyH3/7ZRHMZKeyeld8=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 default.js Show response
www.kolotv.com/pf/dist/components/combinations/ 661 KB
164 KB 11ms
10ms Script
application/javascript 2a02:26f0:6c00::210:ba91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.kolotv.com/pf/dist/components/combinations/default.js?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

13c3ad86a8c876e675435eff9b0a747fbf099ad965e46bc2f13fd5e165c307d5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /pf/dist/components/combinations/default.js?d=183
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.kolotv.com
referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: DMVQPB1AR4AHZRGB
etag: W/"749fc2d973bc44672c1f353f4ef514da"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 166822
x-amz-id-2: BxqpHQgeKxHIjZcAAnrucbocCuPjNBRJMyAVSiRYy4GmtjrmbLM8OuMr7D4HM1te2SyrmEsoAc4=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 main.css
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/ 83 KB
14 KB 57ms
16ms Stylesheet
text/css 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/__global/css/main.css?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

351e6a349eebf6f4990b1a896ecd7e119708c8f7992d79287a914cc3c6987a6b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: 37YGKABAV66DWKCA
etag: W/"3940933f0d18a0179fdb3364fc674961"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=6
content-length: 14202
x-amz-id-2: U8cfH1BKrh87sy8v4YXOl8cMd304WdFfLCwybZYy2oZJgG9rB2DsLQVRzR0Xfw5tKDmbl92e0gQ=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 main.css
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/ 94 KB
15 KB 56ms
15ms Stylesheet
text/css 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

39063b28697e2d943a54a1639ecb4f9c237eef65830f4944a4eb6b79bda69a47

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: 37YXTE2PN1STX618
etag: W/"4b0de91a0f442181d9304bee5603e1d8"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 15119
x-amz-id-2: Jo9V/5KMwtbmgPQnfF3+x0U9+AOXrNweSjQ9cpFo8+c3P6bQ6m0LQzAiQVlXCdgIpytuLKHpSRI=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/ 55 KB
11 KB 26ms
12ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 760221
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 9974
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-dcc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mtd8SX1wDGCQvPrDcXLU3JePfYgYSLaJ9uQ%2FL7uMnGgWZuGPWKJgqlUa3f69Cq1AdMxDHg5qPGqlEmUmrAn4w8%2F8HE9uY4C5gQSd6FcCCD1ichEDrutR%2FocwBOSlb0mJS7%2BnskSQyDBOFZDv%2FRLrj%2Bsj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 677b650ebbd9433f-FRA
expires: Fri, 22 Jul 2022 01:46:47 GMT

GET
H2 200 gtm.js Show response
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/analytics/ 584 B
718 B 69ms
29ms Script
application/javascript 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/analytics/gtm.js?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:57 GMT
server: openresty
x-amz-request-id: BKG3AFQCYH3BKQHP
etag: W/"d95f5027a66e33b82dc537faa5603017"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=4
content-length: 305
x-amz-id-2: UlGOKAEfjwk/2uovnuGjHkL9bTSm9N9pIfpRnHwcLDa3nrmpeZgsCM7baTpQ0VrBhl9Oj2qQMxs=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 arcads.js Show response
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/ads/ 35 KB
8 KB 70ms
30ms Script
application/javascript 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/js/ads/arcads.js?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: BKG357E1NN7G4E8B
etag: W/"4aa36db740c369c50d6c8e873ebe4d3f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 7258
x-amz-id-2: gH1j1roxSl+0kqt8gKs9egkn38pn8h/uat9B2Nitsg2lQtiqklT9nOR2yWdtedp2LwKgf/gQVSM=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H2 200 powaBoot.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 37 KB
13 KB 93ms
51ms Script
application/javascript 2600:9000:2190:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 217a3bd4ea0e5ff7d80fc60002bd213fc41d416b562d70b5a93fcec2745fb2a1

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 21:01:59 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"14105d060aca9e0af630742805983f08"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: h0pnz3W5ZYFRQBF2z9ZBoG6clrtWAx3cfDnkwUypUFJ7ibPotEoSWw==

GET
H2 200 powa.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 251 KB
65 KB 26ms
26ms Script
application/javascript 2600:9000:2190:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powa.js?org=gray
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: eb38b7be9192ae70b8caa74b5e98c64e5a8ffdda9bb35b638dccc46a33d3493b

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 21:01:59 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"da9313cd34d2edc3d713a148fc02098a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: 5shM38dwBjjphrZZ-CIPsCuH-CBvF5I1cODnFfDPOLS4rFZLFDrNtQ==

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 182 KB
61 KB 87ms
28ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9b039009cf1a681fa5d076d7f5944b177936b64d6ecf2e0c13625e8197bfa6cb

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:54:18 GMT
etag: W/"2d878-iFUiJQRk7k4LVhYIwrN1uDqvlHU"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 1d56cba7584263b7a429f53e99a03c5f
timing-allow-origin: *, *
content-length: 61833
expires: Sun, 01 Aug 2021 05:46:47 GMT

GET
H2 200 VVKEML4BLZGPPKQIYBHFBRV5IQ.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/XTc8CDiOQ1SvndLNllWgz6PKZBA=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 27 KB
27 KB 128ms
127ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/XTc8CDiOQ1SvndLNllWgz6PKZBA=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/VVKEML4BLZGPPKQIYBHFBRV5IQ.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

5d87a790df2f8526923b52b40390d1aeaf02b46171a6d9f785bf3383b98c87dd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-check-cacheable: YES
x-serial: 1974
etag: "5b6f78e60eb3c7fb94ac4cb68625548aea25e812"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31370011
last-modified: Fri, 30 Jul 2021 03:41:06 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=38, origin; dur=77
content-length: 27583
server: Akamai Image Manager
expires: Sat, 30 Jul 2022 03:40:18 GMT

GET
H2 200 KLHP6SP4WJBY7KUJUV2KZJPV3I.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/K_dzE_dcPNocx13j9Df4Dm5HI-w=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 18 KB
18 KB 114ms
112ms Image
image/webp 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/K_dzE_dcPNocx13j9Df4Dm5HI-w=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/KLHP6SP4WJBY7KUJUV2KZJPV3I.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

98ed35488f1a723c9d22378853e9ca715a7702e800a861b2a2aa29d253f71c17

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-check-cacheable: YES
x-serial: 1248
etag: "23235a702b1e65414f095c019d0d5e3fa69c705a"
content-type: image/webp
cache-control: private, no-transform, max-age=31437246
last-modified: Fri, 30 Jul 2021 22:20:57 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=408
content-length: 18334
server: Akamai Image Manager
expires: Sat, 30 Jul 2022 22:20:53 GMT

GET
H2 200 OW64HNAYZVF6FAB565UH7RZREY.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/WFLfMm3KKDe9Hn36J6Uux22wJVw=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 47 KB
47 KB 95ms
93ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/WFLfMm3KKDe9Hn36J6Uux22wJVw=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/OW64HNAYZVF6FAB565UH7RZREY.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

8a9426e0df38c451e484670521dd394920bfb707c25e70c4af7fdcbb6ed1f218

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
last-modified: Fri, 30 Jul 2021 03:48:57 GMT
server: Akamai Image Manager
etag: "1fd34231507359c2e2d29b4ed311ef5835b071ec"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31370545
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=74
content-length: 48206
expires: Sat, 30 Jul 2022 03:49:12 GMT

GET
H2 200 722FKQO2ABD4BMLWIZY6BUPTIM.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/Q6Qjk6f4P1WlLbD071_lGKwNiJ8=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 43 KB
43 KB 62ms
60ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/Q6Qjk6f4P1WlLbD071_lGKwNiJ8=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/722FKQO2ABD4BMLWIZY6BUPTIM.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

4421847b8ec4eb23f1eb9c56e5f3b30faa7894432144eed5107d3ab20a6eb375

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
last-modified: Sat, 31 Jul 2021 02:59:59 GMT
server: Akamai Image Manager
etag: "d0aac9a9e86bbad23a42641924e63ac65c053f8d"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31454050
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=35
content-length: 43795
expires: Sun, 31 Jul 2022 03:00:57 GMT

GET
H2 200 6V6UKSDESNC7VPMLWP3FLCQD2A.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/vkZO35dSY4pOzoIC6vSF8e7CztU=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 70 KB
70 KB 49ms
47ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/vkZO35dSY4pOzoIC6vSF8e7CztU=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/6V6UKSDESNC7VPMLWP3FLCQD2A.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

956222f0963e82c570c88ce9314d73686af701b83d4e0ddc7534f9cc2d004e49

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
last-modified: Fri, 30 Jul 2021 06:32:01 GMT
server: Akamai Image Manager
etag: "923b81d2c37ee2731eacf40df5154c32a8220800"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31380237
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=10
content-length: 71197
expires: Sat, 30 Jul 2022 06:30:44 GMT

GET
H2 200 V2DCUCQB5VC55FULCZASEL7RIM.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/s8V8e8MF1cAYtoTuhQjFBVGlazU=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 76 KB
77 KB 157ms
155ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/s8V8e8MF1cAYtoTuhQjFBVGlazU=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/V2DCUCQB5VC55FULCZASEL7RIM.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3824b32a56951681500ae1f81a755f4dff630ee3117fab288af32fe83b3dece0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-check-cacheable: YES
x-serial: 1745
etag: "2483f33eb7cd357ef5b76613f3d158c10a71d689"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31529384
last-modified: Sat, 31 Jul 2021 23:57:21 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS, edge; dur=1, origin; dur=144
content-length: 77948
server: Akamai Image Manager
expires: Sun, 31 Jul 2022 23:56:31 GMT

GET
H2 200 43MRLZVMZJFWJCQYC4PLIRBR4Y.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/bsTvT0wgsFlHH49YLMmGvqfhSnE=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 36 KB
36 KB 204ms
202ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/bsTvT0wgsFlHH49YLMmGvqfhSnE=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/43MRLZVMZJFWJCQYC4PLIRBR4Y.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

1c24874277416ebbff07fe854cf053e98762f91b2603439b4e26b93fefe2abd3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
last-modified: Tue, 29 Jun 2021 00:49:44 GMT
server: Akamai Image Manager
etag: "0a14e9f3a221fdf706dbc2a45e65b4d95db962be"
content-type: image/jpeg
cache-control: private, no-transform, max-age=28681343
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=143
content-length: 36495
expires: Wed, 29 Jun 2022 00:49:11 GMT

GET
H2 200 N25BVTHVXBCP7CAVAOA43K2J3I.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/u4562txBYl3gpctApH3Llyur9-M=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 44 KB
44 KB 124ms
122ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/u4562txBYl3gpctApH3Llyur9-M=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/N25BVTHVXBCP7CAVAOA43K2J3I.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

528409a194fa83ec0b1ec00f76d54b986238ed2fbd072b11e28223070ea795b0

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
last-modified: Sat, 31 Jul 2021 21:11:46 GMT
server: Akamai Image Manager
etag: "64f5de22097c76c8df6776d2dfce4ffefee3c2a4"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31519440
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=52
content-length: 44986
expires: Sun, 31 Jul 2022 21:10:47 GMT

GET
H2 200 7WJWNRE4IVCYNASMPE3TWV377A.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/kjN382CokHuecC7J8kjLNLU_PSk=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/ 32 KB
32 KB 84ms
82ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/kjN382CokHuecC7J8kjLNLU_PSk=/800x450/smart/filters:quality(70)/cloudfront-us-east-1.images.arcpublishing.com/gray/7WJWNRE4IVCYNASMPE3TWV377A.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

de8557a6f98165fcfded870d1e4d1c2dce814993aa4fda052afb9b9cddc5aed5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-check-cacheable: YES
x-serial: 1386
etag: "6f52442610cdda1a69e4e324770c74cdfe115aea"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31517391
last-modified: Sat, 31 Jul 2021 20:35:50 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=3
content-length: 32551
server: Akamai Image Manager
expires: Sun, 31 Jul 2022 20:36:38 GMT

GET
H2 200 t_6917b1ba293d4501ba2882191d4d418b_name_file_1280x720_2000_v3_1_.jpg
gray-kolo-prod.cdn.arcpublishing.com/resizer/rtcCDtkcMakJ5qnBrYHPezYiJVk=/800x450/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/07-31-2021/ 49 KB
49 KB 258ms
257ms Image
image/jpeg 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/resizer/rtcCDtkcMakJ5qnBrYHPezYiJVk=/800x450/smart/filters:quality(70)/do0bihdskp9dy.cloudfront.net/07-31-2021/t_6917b1ba293d4501ba2882191d4d418b_name_file_1280x720_2000_v3_1_.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

3c887f0515601c3f1efe961e70129a49873522e94a9051e345d21a50d01ca789

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
last-modified: Sat, 31 Jul 2021 21:36:15 GMT
server: Akamai Image Manager
etag: "7e16a86013bb92bda054e8436183b063f4c4ec4b"
content-type: image/jpeg
cache-control: private, no-transform, max-age=31521010
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=167
content-length: 49869
expires: Sun, 31 Jul 2022 21:36:58 GMT

GET
H2 200 v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt Show response
reconditerespect.com/ 103 KB
30 KB 1513ms
234ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

1020d4ced502ebdf4a119dc151225157786d44d4a651686ad2bbdeb95d892a86

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: br
x-datacenter: gce-europe-west1
etag: "d0ca7cab496e8fd22a54feddb246c8a509d8a5dac643d620565aea82ac895ab6"
vary: Accept-Encoding, Accept-Language
x-hostname: 0586a9fb
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sun, 01 Aug 2021 01:46:49 GMT
timing-allow-origin: *

GET
H2 200 v2mja6-J53OCay_8K8iMS2Q7wSZgF28qhyXVzJIAyWanoqXMG2u01MtjGo7uJ_XGzwQYL-zXgDg Show response
reconditerespect.com/ 16 KB
6 KB 1511ms
232ms Script
text/javascript 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2mja6-J53OCay_8K8iMS2Q7wSZgF28qhyXVzJIAyWanoqXMG2u01MtjGo7uJ_XGzwQYL-zXgDg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

5ab1b0acbaa31e89bdb4e7610fae25ad219a8354559a53662d4cd7b2cf9fd7e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; preload
content-encoding: gzip
x-datacenter: gce-europe-west1
etag: "2f72259f0e9d0cbed6c774517cb94df09d0f5c52751989c5398bc74f45a4e9d2"
vary: Accept-Encoding, Accept-Language
x-hostname: 0586a9fb
content-type: text/javascript; charset=utf-8
cache-control: private, must-revalidate, max-age=21600
date: Sun, 01 Aug 2021 01:46:49 GMT
timing-allow-origin: *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 131 KB
40 KB 29ms
28ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fbc00fbdbc571b840ecea374e1e4156f1ef0b53bd6bc5916fd94809a1f7ce318

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40599
x-xss-protection: 0
last-modified: Sun, 01 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 01 Aug 2021 01:46:47 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/125229/ Frame D2F4
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/125229/connatix.playspace.dc.js

1 MB
232 KB

40ms
39ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/125229/connatix.playspace.dc.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bff17a5baab7ede5f5753a39e36045ddaad9ad4a9072f4cf59c927c3c8b161e6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 21:34:25 GMT
age: 15022
etag: "0f7a999beafe5d894cf2029d5bab39e3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 236737

Redirect headers

location: https://cds.connatix.com/p/125229/connatix.playspace.dc.js
date: Sun, 01 Aug 2021 01:46:47 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ Show response
s.go-mpulse.net/boomerang/ Frame 6C65 202 KB
51 KB 40ms
25ms Script
application/javascript 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: br
last-modified: Sat, 24 Jul 2021 00:07:18 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 51580

GET
H2 200 kolo.jpg
www.kolotv.com/pf/resources/images/mastheads/backgrounds/ 20 KB
20 KB 21ms
21ms Image
image/webp 2a02:26f0:6c00::210:ba91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolotv.com/pf/resources/images/mastheads/backgrounds/kolo.jpg?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Akamai Image Manager /

Resource Hash

00758f40607bc5d56f029f03409eb1bc7e85faa067ad418ac1ad409aee6c50a5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /pf/resources/images/mastheads/backgrounds/kolo.jpg?d=183
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kolotv.com
referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-check-cacheable: YES
server: Akamai Image Manager
etag: W/"c49a88acc53a1e6483da0f851a035881"
x-serial: 1806
content-type: image/webp
access-control-allow-origin: *
cache-control: private, no-transform, max-age=31431918
last-modified: Fri, 30 Jul 2021 20:52:49 GMT
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=MISS edge; dur=1 origin; dur=433
content-length: 20274
expires: Sat, 30 Jul 2022 20:52:05 GMT

GET
H2 200 kolo.svg
www.kolotv.com/pf/resources/images/mastheads/logos/ 66 KB
20 KB 17ms
17ms Image
image/svg+xml 2a02:26f0:6c00::210:ba91
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.kolotv.com/pf/resources/images/mastheads/logos/kolo.svg?d=183

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba91 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

c87156f914b7b19017ebaf0679a2522f94207e6af259843a8e9bb15a514ef8ce

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

:path: /pf/resources/images/mastheads/logos/kolo.svg?d=183
pragma: no-cache
cookie: AKA_A2=A
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.kolotv.com
referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: 37YRTNC55X40PCRJ
etag: W/"fba5d686d6cfd8564359b745c07ceb6e"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT edge; dur=1
content-length: 19625
x-amz-id-2: noFAG66juQ/VqpHKIkeQi6uyIzr7sE4FvfxidE+4lETLtndjivSG5wje8bXudeDillbzOj6QPNE=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H3-29 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 74 KB
74 KB 21ms
12ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=183

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 273169
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 75408
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-12690"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bDYj3t%2BVYosxchNVv%2B69eDiFPxy0uQI5g7riJH179mx5o%2B4Ua8GclXdCs8mW2H4%2Fpmo9sDxN53QjmfZ7PZGgMUsQxqwxggC38pXzKp8p3TXU%2F5W%2FdANR015y2fsdn4rEbB3vObPmZ0bn%2B0pkCoNEWFUZ"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 677b6510dd082b1e-FRA
expires: Fri, 22 Jul 2022 01:46:47 GMT

GET
H2 200 grayLogoHorizontal.svg
gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/images/ 14 KB
5 KB 16ms
15ms Image
image/svg+xml 2a02:26f0:6c00::210:bb11
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/images/grayLogoHorizontal.svg?d=183

Requested by

Host: gray-kolo-prod.cdn.arcpublishing.com
URL: https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=183

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:bb11 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

openresty /

Resource Hash

cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Referer: https://gray-kolo-prod.cdn.arcpublishing.com/pf/resources/dist/kolo/css/main.css?d=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Fri, 30 Jul 2021 20:42:58 GMT
server: openresty
x-amz-request-id: 37YV100KTMR0NVZQ
etag: W/"4228f26a863969873e28bcee1a6a4ded"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
content-security-policy: upgrade-insecure-requests
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 5010
x-amz-id-2: mujQFkQzfnigX+qmxXnhxnqQZTSfxbGhfAwISK1y4XLcmT8SPL2cApe86d66lrs60jl3l1yqm1U=
expires: Mon, 01 Aug 2022 01:46:47 GMT

GET
H3-29 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/ 13 KB
14 KB 17ms
16ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=183

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9b401a5d10a1817be22708d87eebd91c68691c4845ea85d7131e0989cff57ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.kolotv.com
Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.10.2/css/all.min.css?d=183
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3818185
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 13584
cf-request-id: 0abd689bfa0000644f2c389000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:08 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e60-3510"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTN%2BR1XjVT98dWaflEYHHuAreGfRKaptD%2BE0gUTkY2IKiqx5mOSNh%2FDMM382mHq3Ix%2B8D5IZBICPEK80D4y5sN9s9Xj8z%2B9KLsftQmjcHROTnTRTsYZjQpStg0v3cFOd76PoaoMAAnko7UGkDZEmzRaP"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 677b65115d742b1e-FRA
expires: Fri, 22 Jul 2022 01:46:47 GMT

GET
H2 200 gray.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/org/ 72 KB
21 KB 21ms
21ms Script
application/javascript 2600:9000:2190:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0c447973530d4fadf98caaabf0919752f0ccb658f486fd29a473e060b74edd1a

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:47 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 21:02:01 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"d1300acbc062fad68262d677636104fc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: dfm6Kx4nZaGEajE2DGQeAZzjRK109_hH4WbcJXeRcJRVQEDODtPYjQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 70 KB
25 KB 3669ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.kolotv.com
URL: https://www.kolotv.com/pf/dist/components/combinations/default.js?d=183

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

fdb0368cac8214ffc79b22e95e33e398a023a67c689030431b60d91f02815e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "945 / 227 of 1000 / last-modified: 1627683143"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24684
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:51 GMT

GET
H2 200 put.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 07DB 416 B
798 B 50ms
50ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/put.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "c0311cf15c21ddda054005e92fad3f9e:1627564002.61632"
last-modified: Thu, 29 Jul 2021 11:53:58 GMT
server: AkamaiNetStorage
content-length: 416
cache-control: max-age=345600
date: Sun, 01 Aug 2021 01:46:48 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1627782408~rv=77~id=03df5f0fc9dd559395ff3a9e29a1fc8b; path=/; Expires=Sun, 01 Aug 2021 01:46:48 GMT; Secure; SameSite=None

GET
H/1.1 200
OK d3d3LmtvbG90di5jb20= Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 87ms
30ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmtvbG90di5jb20=
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 01:46:48 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=10297
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 675ef8865c8707127c5b57b0deab6587
Content-Length: 16
Expires: Sun, 01 Aug 2021 04:38:25 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
451 B 44ms
42ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.50228861009422
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Tue, 31 Aug 2021 01:46:48 GMT

GET
H3-29 200 gtm.js Show response
www.googletagmanager.com/ 108 KB
38 KB 35ms
22ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K98NJ4V&l=RCdataLayer

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5QQ3JP&l=RCdataLayer

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

71a0cdbc52030fca8c48452d84ecc917bf6c2d86d1948aaa78f5883964e5d65f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39234
x-xss-protection: 0
last-modified: Sun, 01 Aug 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 01 Aug 2021 01:46:48 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
2 KB 123ms
49ms Script
application/javascript 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:34:10 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 759
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: zGhcVjsZeGuXvx2QDV4M426ImClJK0nPrB0KSicO1bzolTWSQZ8JIw==

GET
H2 200 powaDrive.js Show response
d3agakyjgjv5i8.cloudfront.net/prod/ 270 KB
70 KB 50ms
49ms Script
application/javascript 2600:9000:2190:fc00:b:5584:2800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaDrive.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaBoot.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:fc00:b:5584:2800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4f7a77f6f467ede2e489e81a7c866a3434c7a2433849018ce7bd2a8cfd073a2e

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
content-encoding: gzip
last-modified: Wed, 28 Jul 2021 21:01:59 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"25d18de6e4a647f8fb38b4c0d44d1671"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 cd66c5a89ae3376f15c155e3b52a758d.cloudfront.net (CloudFront)
cache-control: max-age=300
x-amz-cf-id: k1fqkHL1i0Uo3zRLrwQGGILIKJx92sODXLOdeY5Cvierum8vPVexdw==

GET
H2 200 test.html Show response
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 07DB 610 B
992 B 28ms
28ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /nanoWidget/externals/cookie/test.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: thirdparty=yes
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges: bytes
content-type: text/html
etag: "48053d50141031b1511dbd30f9a31288:1627564003.559893"
last-modified: Thu, 29 Jul 2021 11:53:58 GMT
server: AkamaiNetStorage
content-length: 610
cache-control: max-age=345600
date: Sun, 01 Aug 2021 01:46:48 GMT
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1627782408~rv=7~id=8c453a96553b77f3498b976dc317497b; path=/; Expires=Sun, 01 Aug 2021 01:46:48 GMT; Secure; SameSite=None

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ Frame 6C65 764 B
1 KB 49ms
35ms XHR
application/json 2a02:26f0:6c00:1bb::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ&d=www.kolotv.com&t=5425941&v=1.632.0&if=&sl=0&si=1uy9q9hp3jo-qx50y0&plugins=AK,ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,Angular,Backbone,Ember,History,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,LOGN&acao=&ak.ai=584709
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:1bb::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 107c64079e2c420ea5e5d5beb00ecf61f478c3c760c6b45bcc926491721accf3

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sun, 01 Aug 2021 01:46:48 GMT
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 764
Content-Type: application/json

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 871ms
93ms XHR
application/json 64.202.112.95
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1627782408198&sessionId=da031eb6-0518-6a8a-4a9e-66bc9c0b9f36&url=www.kolotv.com&cheqSource=1&cheqEvent=0&exitReason=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 01 Aug 2021 01:46:49 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: f7912b4cf2494a07d6fb18b42206f2f0
Content-Length: 4
Expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K98NJ4V&l=RCdataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 13 Jul 2021 18:24:06 GMT
server: Golfe2
age: 614
date: Sun, 01 Aug 2021 01:36:34 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19672
expires: Sun, 01 Aug 2021 03:36:34 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j92&a=1719115966&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&ul=en-us&de=UTF-8&dt=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1905077029&gjid=2088287190&cid=926350045.1627782408&tid=UA-3637494-7&_gid=248249013.1627782408&_r=1&gtm=2wg7s0K98NJ4V&cg1=%2Fnews&cg2=story&cg3=kolo&cg4=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd1=07%2F10%2F2020&cd2=10&cd3=07&cd4=2020&cd5=story&cd6=1&cd7=News&cd8=kolo&cd9=kolo&cd10=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd11=%2Fnews&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Staff&cd14=In%20the%20last%20three%20weeks%20there%20are%2037%20cases%20where%20people%27s%20Social%20Security%20numbers%20were%20used%20to%20file%20for%20unemployment%20benefits%20through%20DETR.&cd16=Sun%20Aug%2001%202021%2003%3A46%3A47%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd17=%2B02%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd19=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&cd35=gray&cd36=staff&cd40=default&z=1871493818

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 findByUuid Show response
gray-prod-cdn.video-api.arcpublishing.com/api/v1/ansvideos/ 8 KB
8 KB 871ms
573ms Script
application/javascript 13.225.87.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gray-prod-cdn.video-api.arcpublishing.com/api/v1/ansvideos/findByUuid?uuid=6d050016-d89a-4df0-8121-1490634743bb&cb=powaCallback6d050016d89a4df081211490634743bb
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.87.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-87-112.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 226498f13c068bc17f822cbceeb9a8eab0a8b6b851265cb15049d2c911ea967e

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
via: 1.1 57d93b321db68494cc6755a0d3fb29cd.cloudfront.net (CloudFront)
last-modified: Sun, 12 Jul 2020 17:19:26 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: application/javascript;charset=UTF-8
access-control-allow-origin: *
x-org-rate-limit: 1200
content-length: 8303
x-org-rate-limit-interval: 5 minutes
x-org-rate-limit-remaining: 1199
x-amz-cf-id: StU9Vo_jDQ07oWPtQcl6DsC2TJrGSPBmGVfXHHdVuMZqFmzecAJBYA==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
460 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-3637494-7&cid=926350045.1627782408&jid=1905077029&gjid=2088287190&_gid=248249013.1627782408&_u=YEBAAEAAAAAAAC~&z=7324443

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 01 Aug 2021 01:46:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%...
https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A...

64 B
329 B

271ms
270ms

Image
image/gif

13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&c9=
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: 831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache: Miss from cloudfront
content-type: image/gif; charset=utf-8
content-length: 64
x-amz-cf-id: 4Yl9-z7jI7a1TTpzlNYG4A7UlweJsV0JgXglqaLFeIPuo1Zq2KgpsA==

Redirect headers

date: Sun, 01 Aug 2021 01:46:48 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
vary: Accept
x-cache: Miss from cloudfront
content-type: text/plain; charset=utf-8
location: https://sb.scorecardresearch.com/b2?c1=2&c2=10477191&cs_ucfr=1&ns__t=1627782408281&ns_c=UTF-8&cv=3.5&c8=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&c7=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&c9=
content-length: 404
x-amz-cf-id: RorMt58aYkiOzlfmugq621TGL93IC7BLO_miRyfc3GFRTDGd-v7zAQ==

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/125229/ 95 KB
13 KB 254ms
254ms Stylesheet
text/css 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/125229/connatix.playspace.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:48 GMT
content-encoding: br
last-modified: Sat, 31 Jul 2021 21:34:25 GMT
age: 15022
etag: "2d5d1c3d89cc4965db765c1c8754e68e"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges: bytes
content-length: 13297

POST
H/1.1 200
OK story Show response
capi.connatix.com/core/ Frame D2F4 123 B
422 B 720ms
127ms XHR
multipart/form-data 3.22.136.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=125229
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 272313e898ae80acc3982cdd3eeb44bccaf10b718cdbcfff866333c091187437

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Sun, 01 Aug 2021 01:46:49 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://www.kolotv.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 146

GET
H2 200 get Show response
odb.outbrain.com/utils/ 46 KB
18 KB 1009ms
959ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&idx=0&rand=69855&key=NANOWDGT01&widgetJSId=AR_4&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&px=165&py=1488&vpd=288&cw=938&settings=true&recs=true&version=2000395&sig=EItAtrx5&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6f2e2de73e61591963b33aba348a25716104ddfb10f4481162d868bd5161937f

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.67
x-cache-hits: 0, 0
x-traceid: 88f8a1af79e6f188455acd5ffd4bb887
content-encoding: gzip
content-length: 17757
x-served-by: cache-mdw17367-MDW, cache-fra19124-FRA
x-timer: S1627782409.445973,VS0,VE256
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 204 flight-time
gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/ Frame 0
0 948ms
403ms Preflight 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=6d050016-d89a-4df0-8121-1490634743bb

Protocol

Server

2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Origin: https://www.kolotv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
access-control-allow-origin: *
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: x-requested-with
cache-control: max-age=30
expires: Sun, 01 Aug 2021 01:47:20 GMT
date: Sun, 01 Aug 2021 01:46:50 GMT
strict-transport-security: max-age=31536000 ; preload

GET
H2 200 flight-time Show response
gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/ 123 B
497 B 136ms
136ms XHR
application/json 2.16.186.170
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://gray-config-prod.api.cdn.arcpublishing.com/content/v4/geo-restrictions/flight-time?_id=6d050016-d89a-4df0-8121-1490634743bb

Requested by

Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/org/gray.js?org=gray

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.16.186.170 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a2-16-186-170.deploy.static.akamaitechnologies.com

Software

/ Express

Resource Hash

71c3f1487f9c95430f3d5ada83a454cec5966f5c875f069e12abd4d7854ca741

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
X-Requested-With: XMLHttpRequest

Response headers

arc-organization: gray
date: Sun, 01 Aug 2021 01:46:50 GMT
content-encoding: gzip
arc-service: api
x-powered-by: Express
arc-context: index
arc-deployment: gray
arc-environment: index
arc-route: /content
arc-servername: api.gray.arcpublishing.com
arc-org-name: gray
content-length: 104
etag: W/"7b-2MwHCsLPc4I+TzIFqQP4oV18EM4"
strict-transport-security: max-age=31536000 ; preload
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: max-age=30
arc-application: Content
arc-org-env: gray
expires: Sun, 01 Aug 2021 01:47:20 GMT

GET
H2 200 cloudfrontVideoTracker.png
d1d3jupgwm7m5r.cloudfront.net/prod/ 95 B
409 B 55ms
14ms Image
image/png 2600:9000:21f3:c000:1b:7b40:7bc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d1d3jupgwm7m5r.cloudfront.net/prod/cloudfrontVideoTracker.png?org=gray&event=powaRender&uuid=6d050016-d89a-4df0-8121-1490634743bb&timestamp=1627782409135
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:c000:1b:7b40:7bc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 03:32:07 GMT
via: 1.1 882f747f39885162595630c95dd0012d.cloudfront.net (CloudFront)
last-modified: Mon, 06 Aug 2018 14:48:43 GMT
server: AmazonS3
age: 80083
etag: "60cf42b4d05caf10cf8bb15c0817a7b4"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 95
x-amz-cf-id: qKKMNONCuVtWNRG1DXg813up3yRfW46Fy01ik1QWpSMuqDWek4mI7A==

GET
H2 200 hls.min.js Show response
gray.video-player.arcpublishing.com/vendor/hls.js/0.14.5/ 233 KB
71 KB 1404ms
76ms Script
application/javascript 13.224.96.100
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gray.video-player.arcpublishing.com/vendor/hls.js/0.14.5/hls.min.js?org=gray
Requested by: Host: d3agakyjgjv5i8.cloudfront.net
URL: https://d3agakyjgjv5i8.cloudfront.net/prod/powaDrive.js?org=gray
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-100.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
content-encoding: gzip
last-modified: Fri, 24 Jul 2020 14:02:42 GMT
server: AmazonS3
x-amz-cf-pop: ZRH50-C1
etag: W/"8160976fb63964ec8b320b36b2f355fb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-storage-class: INTELLIGENT_TIERING
cache-control: max-age=31536000,immutable
x-amz-cf-id: AumDTOu4rWqYU9lXtI1bhg0b9HEEYilMXz_45M25N8Gx4SC_3rCu6Q==
via: 1.1 aa001e3127bb5bd7bbc48bc4fef44b79.cloudfront.net (CloudFront)

GET
H2 200 t_c96811d0afd0435f938a080ff4ee4907_name_file_1920x1080_5400_v4_.jpg
do0bihdskp9dy.cloudfront.net/07-12-2020/ 119 KB
120 KB 467ms
429ms Image
image/jpeg 2600:9000:21f3:e000:16:e423:f180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://do0bihdskp9dy.cloudfront.net/07-12-2020/t_c96811d0afd0435f938a080ff4ee4907_name_file_1920x1080_5400_v4_.jpg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e000:16:e423:f180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 37a31babfe828a9d98de47ba0d59947c5c4261755c5aa2684c3c4816f642ce0c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
via: 1.1 c7015d60d4f8f2170aaaa75e69e40618.cloudfront.net (CloudFront)
last-modified: Sun, 12 Jul 2020 17:16:21 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
etag: "a0198c418849fa57c3f6a036b7de9281"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 122242
x-amz-cf-id: nwfcTYOLC8Yrbe26vPXJCy42SQdXO1E6eb5Z22GnISAxXdbaHwhbJQ==

GET
H2 200 skeleton.gif
static.adsafeprotected.com/ 43 B
480 B 51ms
13ms Image
image/gif 2600:9000:20eb:7000:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:7000:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 04 Jun 2021 14:26:28 GMT
via: 1.1 f797fc0ae68a3abc35e081e46174c9f2.cloudfront.net (CloudFront)
age: 4965622
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
cache-control: max-age=315360000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/gif
x-amz-cf-id: ARxV7_VxX7uIJw6g8Pv-szLhfGWrAtUGAZBG1n90kwugiWc8efp4GA==

GET
H2 200 ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/ 7 KB
7 KB 99ms
99ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "f370d19306add072a726e7f4ade8dc57:1624546051.286567"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7090
expires: Tue, 31 Aug 2021 01:46:49 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 100ms
99ms Image
image/svg+xml 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Tue, 31 Aug 2021 01:46:49 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 1202ms
555ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=3b7b93f065ba9af2aa65a6925561329b_1436_1627782409633&tm=1646&eT=0&widgetWidth=938&widgetHeight=674&widgetX=165&widgetY=1508&tpcs=0&wRV=2000395&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=0&rtt=1043&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:50 GMT
content-encoding: gzip
X-TraceId: 7ec369151e6447141eb2ed950a5d7945
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 obUserSync.html Show response
widgets.outbrain.com/widgetOBUserSync/ Frame 1A52 16 KB
6 KB 59ms
58ms Document
text/html 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f24f74f3a3b8e4a926d156cb5186b0b2c113682f62914aaf512ef136bccbd718

Request headers

:method: GET
:authority: widgets.outbrain.com
:scheme: https
:path: /widgetOBUserSync/obUserSync.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
content-type: text/html
etag: "f2d02f64694723308116a0c9dd6e49f8:1626850971.311278"
last-modified: Wed, 21 Jul 2021 07:02:38 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=86400
expires: Mon, 02 Aug 2021 01:46:49 GMT
date: Sun, 01 Aug 2021 01:46:49 GMT
content-length: 5561
timing-allow-origin: * *
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
set-cookie: akacd_widgets_routing=1627782409~rv=21~id=34b179698d27f46885c8337083d50862; path=/; Expires=Sun, 01 Aug 2021 01:46:49 GMT; Secure; SameSite=None

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000395/module/ 56 KB
18 KB 75ms
75ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000395/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 5aa16b69c64458398393a7b10d26bd6ed05b5775082b261a7d2ef8cd11800e26

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:53:58 GMT
server: AkamaiNetStorage
etag: "39cbe12dacd688bf564d67c9c91108a2:1627563905.819572"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 18417

GET
H2 200 get Show response
odb.outbrain.com/utils/ 41 KB
15 KB 455ms
454ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&idx=1&rand=83619&key=NANOWDGT01&widgetJSId=AR_2&va=true&et=true&format=html&pdobuid=-1&t=M2I3YjkzZjA2NWJhOWFmMmFhNjVhNjkyNTU2MTMyOWI=&adblck=false&abwl=false&px=165&py=2197&vpd=997&cw=938&settings=true&recs=true&version=2000395&sig=EItAtrx5&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=1&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e5b1e1b9b4274ca4dcd0892ab40dba4c94d7513e388b129412e1917942c4c96

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.72
x-cache-hits: 0, 0
x-traceid: 470e69ab12daa2967c6fee6474929c96
content-encoding: gzip
content-length: 14714
x-served-by: cache-mdw17372-MDW, cache-fra19124-FRA
x-timer: S1627782410.941639,VS0,VE265
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 eyJpdSI6IjlkOWE1MDU3ZjMwN2EzN2U4N2U4Y2QzZjBiNmFhY2U1ZGY0YTBhZjVjZGQwYzhkZDdiZDM2ZDUyOWI0ZDgwODYiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 36 KB
36 KB 269ms
210ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlkOWE1MDU3ZjMwN2EzN2U4N2U4Y2QzZjBiNmFhY2U1ZGY0YTBhZjVjZGQwYzhkZDdiZDM2ZDUyOWI0ZDgwODYiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: abb5cb643d499c00a815f7c7a9f1bdd72d112545dfd3c1e8bf3047069b907521

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Mon, 12 Jul 2021 22:21:45 GMT
x-traceid: c0f0a90a72f10067f9be71a599517106
timing-allow-origin: *
content-length: 37035
content-type: image/webp

GET
H2 200 eyJpdSI6ImFjY2U1NmEwNDRkMmRjNjE5NmM3MzRiMTcyZTQxZGFmNDNmOWQ0ZGE1ZmRiNDJlMDFmMjMyNmU0ODQ3M2Q5NzciLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 54 KB
54 KB 396ms
337ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFjY2U1NmEwNDRkMmRjNjE5NmM3MzRiMTcyZTQxZGFmNDNmOWQ0ZGE1ZmRiNDJlMDFmMjMyNmU0ODQ3M2Q5NzciLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7358848cf7362bfde5fd980cb9626b411809ff024bb1e6703de1f112aaf615b5

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Thu, 22 Jul 2021 09:08:36 GMT
x-traceid: fc5b9aba0e7b034ccb3c334191ca7089
timing-allow-origin: *
content-length: 55378
content-type: image/webp

GET
H2 200 eyJpdSI6IjljYTMwMzg4ZGE0NDg1ZGFkOTMyOWEwYTY1MTkyYzY4ZDllMDdmMGM5M2I2ZTZhMDdmZTZlOGI3YzM1Mzc4MTUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 37 KB
38 KB 425ms
366ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjljYTMwMzg4ZGE0NDg1ZGFkOTMyOWEwYTY1MTkyYzY4ZDllMDdmMGM5M2I2ZTZhMDdmZTZlOGI3YzM1Mzc4MTUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9e3e6f587b0661ef86c9494599687788366be90aad0b066dc689fc79825d018d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Tue, 13 Jul 2021 09:01:27 GMT
x-traceid: 797aaf9c99cef430a75bbcbbc60e50f
timing-allow-origin: *
content-length: 38368
content-type: image/webp

GET
H2 200 eyJpdSI6ImQyOWMwNmRmZTg5YzkxNTI1MWZmY2IwNDJiZjE4NjI4NDMzZTlmMjcwYjY0ZWU5M2YxMmUyMWE4MzNkZGYzMjUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 53 KB
54 KB 90ms
31ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQyOWMwNmRmZTg5YzkxNTI1MWZmY2IwNDJiZjE4NjI4NDMzZTlmMjcwYjY0ZWU5M2YxMmUyMWE4MzNkZGYzMjUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d8fc1ef044fdde973136545250f6ed542b28b21418227244d0592d62ff84c7a8

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
cache-control: max-age=2085663
last-modified: Tue, 13 Jul 2021 14:02:01 GMT
x-traceid: d31d737cbaf15b040d043f050fc4e91
timing-allow-origin: *
content-length: 54580
content-type: image/webp

GET
H2 200 eyJpdSI6IjlmYThlMGI2YmQ5Y2UyYmExMzk1ZWJhNzU2MjU3YjE1ZWUyZWM4Yzg0NGNlMGI5MmJhMzk3YzNlZDg2Y2QzNTUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
18 KB 424ms
366ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlmYThlMGI2YmQ5Y2UyYmExMzk1ZWJhNzU2MjU3YjE1ZWUyZWM4Yzg0NGNlMGI5MmJhMzk3YzNlZDg2Y2QzNTUiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0b451292d6bd71211242ba4f97851d5adbba5c8aba4de8a4ea7c635711104249

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Mon, 12 Jul 2021 08:02:44 GMT
x-traceid: 3a0f40e70b08c2f72a75dd9524059887
timing-allow-origin: *
content-length: 17800
content-type: image/webp

GET
H2 200 eyJpdSI6ImExMDAxODNjNmMyNzk2ZmQyMzEyZWY4MDNjODQ5NGVhYTA1ZjRhN2MzNjI0MzAzODhiMzM1ZDgxMTlhNGJjZDYiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjaCI6LTQ4ODg3NjQzNCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 102 KB
103 KB 394ms
336ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImExMDAxODNjNmMyNzk2ZmQyMzEyZWY4MDNjODQ5NGVhYTA1ZjRhN2MzNjI0MzAzODhiMzM1ZDgxMTlhNGJjZDYiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjaCI6LTQ4ODg3NjQzNCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3dca31fae05b39652695af2c73807e58d09525d61b38fee199703d223933ff56

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Fri, 30 Jul 2021 10:32:24 GMT
x-traceid: a176bbe1a2a4d626394c4957488c85e3
timing-allow-origin: *
content-length: 104564
content-type: image/webp

GET
H2 200 eyJpdSI6ImZmYjVkMmFlZDhkMDI4NDhkOTAxODcyMGI5Y2IxZDdhMGZkMWRmNTRiOWMyMGNmYzNjZmY1MjhjNmJhNjNmOTkiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 62 KB
62 KB 572ms
572ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZmYjVkMmFlZDhkMDI4NDhkOTAxODcyMGI5Y2IxZDdhMGZkMWRmNTRiOWMyMGNmYzNjZmY1MjhjNmJhNjNmOTkiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8579ca474b3a82f66a23f4a0653c62f82a02b349a2daecedb9e57d822e36524d

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Wed, 14 Jul 2021 09:54:22 GMT
x-traceid: 2103c0217e9c2e5990570a1358b8a4c9
timing-allow-origin: *
content-length: 63282
content-type: image/webp

GET
H2 200 eyJpdSI6ImI2MzUwM2NjYjAyNGVhMTZkNWU0NTBmYWQ3NGI0MTRkMjYxZTNlM2JmMTMxZGM1YTYwMmM5OTE1NTc1MDYxMWMiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 161 KB
161 KB 88ms
88ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI2MzUwM2NjYjAyNGVhMTZkNWU0NTBmYWQ3NGI0MTRkMjYxZTNlM2JmMTMxZGM1YTYwMmM5OTE1NTc1MDYxMWMiLCJ3IjozMDAsImgiOjMwMCwiZCI6Mi4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 7156d948cec0e396395a9d4fa5cb7e1e9a126dfdacc0cb304f1559c6f527e41c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
cache-control: max-age=2088853
last-modified: Tue, 11 May 2021 08:48:31 GMT
x-traceid: aa855a7e1977ed95dce6f3709225d1c3
timing-allow-origin: *
content-length: 164682
content-type: image/webp

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 1A52 1 KB
2 KB 36ms
35ms Script
application/javascript 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:34:10 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
etag: "1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 760
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
content-length: 1469
x-amz-cf-id: nMA1f6OGOmX1zs2rR6BD-WKreueakonSvOca7YgeVXcD1eMCTS626w==

GET
H2 204 b
sb.scorecardresearch.com/ Frame 1A52 0
338 B 51ms
51ms Image
text/plain 13.224.96.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=1436&cs_ucfr=1&ns__t=1627782409903&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D1436%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DBE&c9=https%3A%2F%2Fwww.kolotv.com%2F
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-96-92.zrh50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:49 GMT
via: 1.1 f32eaf3bf899320e0c43dee8baec79fa.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id: 6140RkSiyI8s-rgJ1JczBQg5OApKGC3sOCDaM1LwzHizoLg7wZ_UuQ==
x-cache: Miss from cloudfront

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 147 KB
32 KB 710ms
708ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F&settings=true&recs=true&widgetJSId=AR_4&key=NANOWDGT01&version=2000395&apv=true&sig=EItAtrx5&format=html&rand=95780&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=1&scrW=1600&scrH=1200&t=M2I3YjkzZjA2NWJhOWFmMmFhNjVhNjkyNTU2MTMyOWI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=0&fAB=11523-0&layeredTestInfo=11523-0-&pcer=p%3D1sIBUfIsFjoLa2ZMrQlNQ9XxrppYLNC8ClIU2gXfPHw%26c%3D775d0b81%26v%3D3&dpr=1&cw=938&wdr-natlaz=true
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000395/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bdb74443ddbaf04619a101b5b46662121be486859b7ce034db669847fd622c49

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: CHIDC2, MDW, FRA, Europe2
x-cache: MISS, MISS
p3p: policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip: 157.52.75.27
x-cache-hits: 0, 0
x-traceid: 5746705dd55386dab350e066a0dd786f
content-encoding: gzip
content-length: 32753
x-served-by: cache-mdw17327-MDW, cache-fra19124-FRA
x-timer: S1627782410.941622,VS0,VE676
vary: Accept-Encoding, User-Agent
content-type: text/javascript; charset=UTF-8
accept-ranges: bytes
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 977ms
977ms Image
image/png 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
last-modified: Thu, 24 Jun 2021 14:35:21 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1624546045.043304"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
expires: Tue, 31 Aug 2021 01:46:50 GMT

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 835ms
112ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=4dcca45ef29596ff6f4f46ce10b1a36d_1436_1627782410135&tm=2161&eT=0&widgetWidth=938&widgetHeight=411&widgetX=165&widgetY=2252&wRV=2000395&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=343&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: d6eb63423798a549c2e6b1e058950e04
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6Ijk0OGIxZDA2M2ZhMGFhYmY3NDhiYzMzMTJiNzVjZTNlNjBmODNlMGEyMGQwNjNmM2MzZGRjMWY4YjhkZDQ0MGQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
8 KB 30ms
28ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijk0OGIxZDA2M2ZhMGFhYmY3NDhiYzMzMTJiNzVjZTNlNjBmODNlMGEyMGQwNjNmM2MzZGRjMWY4YjhkZDQ0MGQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a2949f9a9e08a2ff119bcc873dc672bb6c18714b7e9d5d6452bad2a1dfe0b4f6

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1847092
last-modified: Mon, 21 Jun 2021 06:32:01 GMT
x-traceid: 80a12c494f948aefb34b068fc9ab06c7
timing-allow-origin: *
content-length: 7672
content-type: image/webp

GET
H2 200 eyJpdSI6IjlkOWE1MDU3ZjMwN2EzN2U4N2U4Y2QzZjBiNmFhY2U1ZGY0YTBhZjVjZGQwYzhkZDdiZDM2ZDUyOWI0ZDgwODYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 6 KB
7 KB 30ms
29ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlkOWE1MDU3ZjMwN2EzN2U4N2U4Y2QzZjBiNmFhY2U1ZGY0YTBhZjVjZGQwYzhkZDdiZDM2ZDUyOWI0ZDgwODYiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 159dcd54082c2061a80aacfd427a6d6e66d33efe68a861d8858b0021f83e79ab

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1556145
last-modified: Wed, 26 May 2021 16:59:41 GMT
x-traceid: b33a832e58a5f3c886922c5490a2e1f5
timing-allow-origin: *
content-length: 6513
content-type: image/webp

GET
H2 200 eyJpdSI6IjljYTMwMzg4ZGE0NDg1ZGFkOTMyOWEwYTY1MTkyYzY4ZDllMDdmMGM5M2I2ZTZhMDdmZTZlOGI3YzM1Mzc4MTUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 129ms
128ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjljYTMwMzg4ZGE0NDg1ZGFkOTMyOWEwYTY1MTkyYzY4ZDllMDdmMGM5M2I2ZTZhMDdmZTZlOGI3YzM1Mzc4MTUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 901722ff9cf85c265833c36cd1124078eebcef1fab7bb287dd131d66ef396957

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Mon, 26 Jul 2021 20:30:15 GMT
x-traceid: eecadacdfa88f23cf98a17353f45a0ea
timing-allow-origin: *
content-length: 3138
content-type: image/webp

GET
H2 200 eyJpdSI6IjM0ZWYxMzJlZDk5MDQwN2IxZDRhYzMwMjc5ZDU1MDIxZmJlMTFjYzVkZWQ0ZTg0ZTE0M2RhMWFiZDMzMDkyNjMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNoIjoxNDEzMDAxNzQyLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 32ms
31ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM0ZWYxMzJlZDk5MDQwN2IxZDRhYzMwMjc5ZDU1MDIxZmJlMTFjYzVkZWQ0ZTg0ZTE0M2RhMWFiZDMzMDkyNjMiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNoIjoxNDEzMDAxNzQyLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e1a3194bd62d03308849352ddcd3bade31cc7564672097758ee755c9c8cb39c5

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1624521
last-modified: Fri, 16 Jul 2021 10:55:24 GMT
x-traceid: 5ad7f7491c144960fe884aea34e62c33
timing-allow-origin: *
content-length: 9000
content-type: image/webp

GET
H2 200 eyJpdSI6IjkwZTE4ODQ3MTM5ZjMzMzc4OTFiNWU1MmUxNTNkZGIyNjU3OWY0MTc4YzNkMTJlOGM2YzUzNDgxMWEyMGNhNTgiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 7 KB
7 KB 31ms
30ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjkwZTE4ODQ3MTM5ZjMzMzc4OTFiNWU1MmUxNTNkZGIyNjU3OWY0MTc4YzNkMTJlOGM2YzUzNDgxMWEyMGNhNTgiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f3b43c677c700f1dc7a0d7a5c241662cc702886857ec68b8a6b7e888b5055054

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2365393
last-modified: Fri, 30 Jul 2021 19:01:23 GMT
x-traceid: 798b2bf3cbb5dd066728d2e6d30d2a71
timing-allow-origin: *
content-length: 7096
content-type: image/webp

GET
H2 200 eyJpdSI6IjE2N2RlZDkwYTExNTYwNDU1MzZiNjY0NTMyYTBiNjQ4ZDY3YWY3MGE1ZWQxZDY4ZTFmZWYxMmIwYzI2YmVkMDUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 32ms
31ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE2N2RlZDkwYTExNTYwNDU1MzZiNjY0NTMyYTBiNjQ4ZDY3YWY3MGE1ZWQxZDY4ZTFmZWYxMmIwYzI2YmVkMDUiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8fd5123e028a49c31f4aa2b491ab44f9569906f2f88ed637bc2dd00a3904f431

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2340030
last-modified: Fri, 30 Jul 2021 12:34:18 GMT
x-traceid: d6a2187d5c3a9ab29c1e4e26d3eec886
timing-allow-origin: *
content-length: 3386
content-type: image/webp

GET
H2 200 eyJpdSI6IjE4N2Y5YzEyZTJkMmY5MGYwOTE2NmQyNjhjODM0NWQzYmQ5ZDc4ZjUxOWVlYjdkNGQwYmI2NmU3MTlhOWEwN2IiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 3 KB
3 KB 33ms
32ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjE4N2Y5YzEyZTJkMmY5MGYwOTE2NmQyNjhjODM0NWQzYmQ5ZDc4ZjUxOWVlYjdkNGQwYmI2NmU3MTlhOWEwN2IiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9891f884ba5cc7246dfba48bffa6baa3c2f7d086c71c966bed7edaebdb4d1a8c

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1640160
last-modified: Wed, 21 Jul 2021 19:44:26 GMT
x-traceid: 85beb8c7b3058ed7b0d4a7855878a0c4
timing-allow-origin: *
content-length: 3104
content-type: image/webp

GET
H2 200 eyJpdSI6ImM4NmZlM2RmNzA5YjBmNGM5NjIzNjAzNGJiMTA2ZDRhNDYzMWQ4MDQyYmJjMTM4ZjA3N2YzNDkwYTllZjhjMWQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
images.outbrainimg.com/transform/v3/ 10 KB
10 KB 181ms
180ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImM4NmZlM2RmNzA5YjBmNGM5NjIzNjAzNGJiMTA2ZDRhNDYzMWQ4MDQyYmJjMTM4ZjA3N2YzNDkwYTllZjhjMWQiLCJ3IjoxMjAsImgiOjgwLCJkIjoxLjUsImNzIjowLCJmIjo0fQ.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: cfa42a5ba462e4f6cf354f865601b1f5a1a45225262b4ec62e3e1b7b0c6ac291

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Sat, 24 Jul 2021 04:13:34 GMT
x-traceid: 75e35cc87bf6a828a6b3f1d840eb17a0
timing-allow-origin: *
content-length: 10560
content-type: image/webp

GET
H2 200 reel.js Show response
widgets.outbrain.com/nanoWidget/2000395/module/ 23 KB
8 KB 563ms
563ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000395/module/reel.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 71601234f74f6e47b6d08b4264e423ab49f7b59767a4abaab51eccd7416d45e8

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
content-encoding: gzip
last-modified: Thu, 29 Jul 2021 11:53:58 GMT
server: AkamaiNetStorage
etag: "2179de7f2ddd48dda1e398c1df1ac88e:1627563895.291082"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=345600
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 7408

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 426ms
108ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=1f28c94b708bd116560c84b9ac1cec45_1436_1627782410141&tm=2609&eT=0&widgetWidth=938&widgetHeight=573&widgetX=165&widgetY=2202&wRV=2000395&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: af6280b3f8eb0e38a289a0e8583c1282
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 472ms
112ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=02e7da51dead132d7e86f623bad705ba_1436_1627782410199&tm=2640&eT=0&widgetWidth=938&widgetHeight=363&widgetX=165&widgetY=2794&wRV=2000395&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: 76812470218b579491dddadc8911a4b2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 983ms
558ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=0a3ac4e0de9f6f1777b705e1ca069124_1436_1627782410333&tm=2641&eT=0&widgetWidth=938&widgetHeight=336&widgetX=165&widgetY=3177&wRV=2000395&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: 26d5c51136fd13aa723e2f7149a4ed30
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 879ms
407ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=72ee5a10131a1f057b4937fee0964ca7_1436_1627782410373&tm=2642&eT=0&widgetWidth=938&widgetHeight=363&widgetX=165&widgetY=3533&wRV=2000395&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: 77be997d4d7631a583815940e57bbc33
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
292 B 701ms
111ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=c94e6ac9b8cff40ea5cd145750989a1c_1436_1627782410495&tm=2642&eT=0&widgetWidth=938&widgetHeight=580&widgetX=165&widgetY=3915&wRV=2000395&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: 8410ece52f2332f6b993f78d9cfe87ee
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H/1.1 200
OK l Show response
mcdp-chidc2.outbrain.com/ 2 B
291 B 810ms
109ms Fetch
text/plain 50.31.142.63
SERVERCENTRAL

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-chidc2.outbrain.com/l?token=63e6944a0c7e14cfd33f4c74868b3cdb_1436_1627782410538&tm=2643&eT=0&widgetWidth=938&widgetHeight=363&widgetX=165&widgetY=4515&wRV=2000395&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=788&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.31.142.63 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
X-TraceId: f984ca31cd09f3ca053c3d8a396491b
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImJlZDI1ZWY4NWU0OThmZjEyOTlmY2M5MzJmZGU2NzQzOWEyMTBmMDMwZWVhYTEwNGQ3NGQ1OGIzZmIzZTRhOTEiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 1 KB
1 KB 29ms
29ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImJlZDI1ZWY4NWU0OThmZjEyOTlmY2M5MzJmZGU2NzQzOWEyMTBmMDMwZWVhYTEwNGQ3NGQ1OGIzZmIzZTRhOTEiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjR9.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1c3f4a047c5ddcce8a03d02d2d271a2edefa6b3fb8996991c4c54e1727b30f92

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=607266
last-modified: Fri, 19 Feb 2021 01:17:08 GMT
x-traceid: 22d8823e12ebc818e46a00a8f10e0fb0
timing-allow-origin: *
content-length: 1186
content-type: image/webp

GET
H2 200 eyJpdSI6IjI2MDE4MTIwYzY2NTEwYTIxMzZmZjc4ZDI1NzYwYjk3M2U2MmQyYmU5YTlmNzc3NGI4MGZmZTk4NDM4NWJiMTciLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 30ms
29ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjI2MDE4MTIwYzY2NTEwYTIxMzZmZjc4ZDI1NzYwYjk3M2U2MmQyYmU5YTlmNzc3NGI4MGZmZTk4NDM4NWJiMTciLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 913a86344adc640cc94792bbea4000cac0288d920388a4b6a83b534a2b4da550

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1969878
last-modified: Mon, 12 Jul 2021 12:41:23 GMT
x-traceid: c947ae5e134ecb5ae0c5278a79d6371c
timing-allow-origin: *
content-length: 9118
content-type: image/webp

GET
H2 200 eyJpdSI6IjhlNzU5ZDVkZGY3ZTA1NDFlOWIzMDdhMTc2ZWY1ZmQ5MWFiMjA1YjQyM2Q2MzEwYmJjNjQ2YzhjYThiNzRjYjYiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 23 KB
23 KB 47ms
46ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhlNzU5ZDVkZGY3ZTA1NDFlOWIzMDdhMTc2ZWY1ZmQ5MWFiMjA1YjQyM2Q2MzEwYmJjNjQ2YzhjYThiNzRjYjYiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 09b8a233a8d0129804836aaa57d401962ab8026d520507ccd3470ced33d75b1a

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1031840
last-modified: Tue, 13 Jul 2021 14:02:01 GMT
x-traceid: 1fbcfa2e0c0b76f15b7d904a06cd8812
timing-allow-origin: *
content-length: 23392
content-type: image/webp

GET
H2 200 eyJpdSI6IjQzMDJlMmY5ODJkODU2ZmM2ZTFjMjYzY2RiNDY1YjM5OWMwZDMxZTI0YjAyYjk0ZTExYjBmMTExYTczYjc3ZGMiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 9 KB
9 KB 214ms
213ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjQzMDJlMmY5ODJkODU2ZmM2ZTFjMjYzY2RiNDY1YjM5OWMwZDMxZTI0YjAyYjk0ZTExYjBmMTExYTczYjc3ZGMiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e5174588266fb7aeb5cad9715d2e6f74abc853d0f5b313f2fe1734560e269d0a

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2462400
last-modified: Wed, 21 Jul 2021 22:44:24 GMT
x-traceid: 37de78f3d42fa8082175cf567350bf9e
timing-allow-origin: *
content-length: 8742
content-type: image/webp

GET
H2 200 eyJpdSI6IjlkNDc2ODk5YjEyMTVhN2MxMzFjODg1YTdiMWNlOTI4MTZjOWFjYjdlZTY0NjUxNjY0YzAyOWIwNWJhNWEzYTkiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 13 KB
13 KB 48ms
46ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjlkNDc2ODk5YjEyMTVhN2MxMzFjODg1YTdiMWNlOTI4MTZjOWFjYjdlZTY0NjUxNjY0YzAyOWIwNWJhNWEzYTkiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: fcdb431bf000b9a2fe0fda9b63eb08e7d9ff54081ed257fd7d406328d50313ba

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2160794
last-modified: Tue, 27 Jul 2021 21:04:03 GMT
x-traceid: 329a6199b9ea63b5c0d5f985627e4af1
timing-allow-origin: *
content-length: 12940
content-type: image/webp

GET
H2 200 eyJpdSI6IjFmZjU3ZGMyMGVlMzYzOWE4N2ZlYjQxNTZmNTZiMzg2NzQzMWY0M2VkMjJiMzc5ZmRkOTJjYTU0NzMzMGFiNzkiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 69 KB
69 KB 63ms
62ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFmZjU3ZGMyMGVlMzYzOWE4N2ZlYjQxNTZmNTZiMzg2NzQzMWY0M2VkMjJiMzc5ZmRkOTJjYTU0NzMzMGFiNzkiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bfab61aaa5ed192e3737cf414d53a431d2110c1980d7ede99484111d4b8138c1

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=555106
last-modified: Thu, 25 Mar 2021 14:24:42 GMT
x-traceid: a29a6b1c357ffb4e05a38ba7dc6137c3
timing-allow-origin: *
content-length: 70742
content-type: image/webp

GET
H2 200 eyJpdSI6ImI0MGU4ZWFlOGI4ZTMxMDg3MjFmMDg4Y2NiYWYzYjYyNTFjZTQ1NjJkYTEwZDY3ZjI4NjcwNGU0NzQ4MGM5ZmYiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 41 KB
41 KB 212ms
211ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImI0MGU4ZWFlOGI4ZTMxMDg3MjFmMDg4Y2NiYWYzYjYyNTFjZTQ1NjJkYTEwZDY3ZjI4NjcwNGU0NzQ4MGM5ZmYiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1265259bb7e9869d0669aff14986f17d012a835a7974f0b2e6a522221487c785

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=519413
last-modified: Tue, 30 Mar 2021 10:18:31 GMT
x-traceid: 2b605b5f720774783532d4c541f7d80a
timing-allow-origin: *
content-length: 42210
content-type: image/webp

GET
H2 200 eyJpdSI6ImNjMTg2MDIwODVmN2U0Y2IxNzM0OWE3MjZmYzQ4N2I4NTRhNTI0NzY5NGM2YjAxYjJiMzJhZWY5MzViNWM3OWQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 35 KB
35 KB 212ms
212ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImNjMTg2MDIwODVmN2U0Y2IxNzM0OWE3MjZmYzQ4N2I4NTRhNTI0NzY5NGM2YjAxYjJiMzJhZWY5MzViNWM3OWQiLCJ3IjozNjAsImgiOjI0MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3c724210b1d423e31f77b25b6411a64e2f83b45190fe37b7e5a59126a9c87242

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1819405
last-modified: Fri, 23 Apr 2021 00:26:59 GMT
x-traceid: 542db6837fee93daf6a620ac54871fa8
timing-allow-origin: *
content-length: 35602
content-type: image/webp

GET
H2 200 eyJpdSI6ImRmYzhjNWVmZjM4ZmEwY2E0OGUzMDdiZGJlYWE0NzBhODE3ODA1YjkwMWI3ZWY4YTZhZGViOWQ3ODY3YTM4MTgiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 17 KB
17 KB 212ms
212ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImRmYzhjNWVmZjM4ZmEwY2E0OGUzMDdiZGJlYWE0NzBhODE3ODA1YjkwMWI3ZWY4YTZhZGViOWQ3ODY3YTM4MTgiLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e93ab9edb3e0f65747d72c4d260adb9dc89549e06e447c93674b4142e5f29113

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=2299834
last-modified: Thu, 29 Jul 2021 19:10:36 GMT
x-traceid: c76a901ffaa1be7e1eb261d79cf3746b
timing-allow-origin: *
content-length: 17184
content-type: image/webp

GET
H2 200 eyJpdSI6ImFiN2E2ZDZlOTUwZDAxY2FiMTc5NzZlNDNkZjE2YTFjNTc1NTljNTJhZjZlM2EyN2IzNWRhMjJhNTRkM2M5ZDciLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 15 KB
16 KB 212ms
212ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImFiN2E2ZDZlOTUwZDAxY2FiMTc5NzZlNDNkZjE2YTFjNTc1NTljNTJhZjZlM2EyN2IzNWRhMjJhNTRkM2M5ZDciLCJ3IjozNjAsImgiOjIwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 15171b9c56b8ad36dcdb47fd61fef088477c6db266862c0a77cbaca1bc8fbf44

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:50 GMT
cache-control: max-age=1809163
last-modified: Thu, 22 Jul 2021 19:04:20 GMT
x-traceid: 3d987de0e083cc7c506741ba4f08bfe7
timing-allow-origin: *
content-length: 15718
content-type: image/webp

GET
H2 200 eyJpdSI6ImQzZmU4ZDkyZWNjZWVhZmI0ZjFiOGM5MjhjOGE0Zjk4YjhhZWU4OWQ4ZjRiNDNhNWVkOWU2YWNkMjFjNDRmNTkiLCJ3Ijo5MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 68 KB
68 KB 1326ms
1325ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImQzZmU4ZDkyZWNjZWVhZmI0ZjFiOGM5MjhjOGE0Zjk4YjhhZWU4OWQ4ZjRiNDNhNWVkOWU2YWNkMjFjNDRmNTkiLCJ3Ijo5MDAsImgiOjQ1MCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 21595cfd5f1f7c23acc8d69d2530d43f783ec37aa6b00865a968d74bdd772d88

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:51 GMT
cache-control: max-age=2462400
last-modified: Tue, 20 Jul 2021 09:32:52 GMT
x-traceid: f8194e189be76b35c4555172d575274c
timing-allow-origin: *
content-length: 69254
content-type: image/webp

GET
H2 200 eyJpdSI6IjhkNjc1Nzg1NTZiYWY2MjRmZDEzNjIzZGQ0MzAwNWY5YmZmNjQ2Nzg5OTczZGE0YTg4NTVhZmYzYzIwN2I5MTUiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
29 KB 747ms
746ms Image
image/webp 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjhkNjc1Nzg1NTZiYWY2MjRmZDEzNjIzZGQ0MzAwNWY5YmZmNjQ2Nzg5OTczZGE0YTg4NTVhZmYzYzIwN2I5MTUiLCJ3Ijo0MDAsImgiOjIyNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b68d848dcc3b43b9ab8620e2524694925b930ac53202ae386598c58361f495e7

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:51 GMT
cache-control: max-age=348837
last-modified: Thu, 01 Jul 2021 16:48:06 GMT
x-traceid: 428d9807c4280803a924eb9eea72d63a
timing-allow-origin: *
content-length: 29746
content-type: image/webp

GET
H2 200 pubads_impl_2021072701.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
111 KB 374ms
73ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Jul 2021 08:37:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113834
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:52 GMT

GET
H3-29 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 65 B
96 B 62ms
32ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.kolotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

18acebd020c26751fc32fc6e2a2eee60af62cd839938416b8b89457aea93c285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.be/adsid/ 107 B
853 B 47ms
15ms Script
application/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.be/adsid/integrator.js?domain=www.kolotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.kolotv.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 993ms
993ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413202&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=99&adks=1764353783&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x19&msz=970x0&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1eac5fbb7f04b03590fd9b18d6d4af72fedcc2bf60277dbfded3d5ae65c906e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8180
x-xss-protection: 0
google-lineitem-id: 5646738932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353608569
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DD29 6 KB
3 KB 47ms
14ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 01 Aug 2021 01:46:53 GMT
expires: Mon, 01 Aug 2022 01:46:53 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 44 KB
11 KB 734ms
733ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1024x90&prev_scp=position%3D101%26pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413207&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=288&adys=1200&adks=3962307085&ucis=2&ifi=2&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x-1&msz=1024x-1&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=512&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1046e8f1a8eca3965f89dc69299d131f362e1077a0d10e1de6eae3b65f6fbc76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11068
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 446 B
261 B 1525ms
1524ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C970x90%7C728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413210&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=5481&adks=3424606682&ucis=3&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1270x19&msz=970x0&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=0&ohw=0&btvi=2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

77a4e44a052acc4e6222de37110d11d1796ff28b4858a990e7f610f04c5faeb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 73 KB
17 KB 438ms
437ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D3&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413213&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=270&adys=1128&adks=4285509391&ucis=4&ifi=4&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=938x19&msz=728x0&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=4&ohw=938&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

13166ae4f3ccc9cbcbc1211420b277c6c36396a75f01c3f7f05a3df28005c06a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17884
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
27 KB 1944ms
1943ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D1&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413216&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=150&adks=3825047885&ucis=5&ifi=5&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

383f7db9df9a4c04e1d75381df8425d4d42ca8a340536047d302a64fd5ca64c5

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGk6ITajvICFVbtdwod7-0CxA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4974159998619265864/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CPGk6ITajvICFVbtdwod7-0CxA&gqi=&layout=/sadbundle/%24csp%253Der3%24/4974159998619265864/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27120
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Sun, 01 Aug 2021 01:46:55 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 1283ms
1282ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413220&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=2037&adks=3988140803&ucis=6&ifi=6&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=512&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

fb9ba05bd5f57897d11992bc4ea144f4c760dc5ad4720ad64450d5e68eccd057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8152
x-xss-protection: 0
google-lineitem-id: 5646738932
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353608566
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 17 KB
8 KB 2102ms
2102ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=504986625198968&correlator=1058192807521065&output=ldjh&impl=fifs&eid=31060890%2C20211866%2C21065725&vrg=2021072701&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210801&iu_parts=63316753%2Ckolo%2Cweb%2Cnews&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250&prev_scp=pt%3Dstory%26cid%3DVTGDV3GYGVDUNNVGUPMMTO4HDE%26position%3D3&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1627782407&dt=1627782413222&dlt=1627782407455&idt=5702&frm=20&biw=1600&bih=1200&oid=3&adxs=1135&adys=3959&adks=1370613838&ucis=7&ifi=7&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x269&msz=300x250&ga_vid=926350045.1627782408&ga_sid=1627782413&ga_hid=1719115966&ga_fc=false&fws=512&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8d4fd39e9d3f24aabb6ec964e76ea9748130e09abf3aca50851f55287dac2744

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:55 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8107
x-xss-protection: 0
google-lineitem-id: 5566273170
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138353917028
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2ijbLJCdMJyruPbsYZse83NuQ_--hgq_PwLKQdWcl3Klm-ZVhnF1kP_-JB2gfstv4BwUgiss Show response
reconditerespect.com/ 216 B
613 B 114ms
26ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ijbLJCdMJyruPbsYZse83NuQ_--hgq_PwLKQdWcl3Klm-ZVhnF1kP_-JB2gfstv4BwUgiss

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

af52eab40ed4c0dd37ebac54b48f8e82f13b86068f8dc670e8f34d9395ff3c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sun, 01 Aug 2021 01:46:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 216
expires: Sun, 01 Aug 2021 01:46:52 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j92&a=1719115966&t=timing&_s=2&dl=https%3A%2F%2Fwww.kolotv.com%2F2020%2F07%2F11%2Fincrease-in-identity-theft-tied-to-fraudulent-unemployment-claims%2F%3Ffbclid%3DIwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8&ul=en-us&de=UTF-8&dt=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=6759&pdt=6&dns=141&rrt=0&srt=775&tcp=16&dit=1416&clt=1468&_gst=1683&_gbt=1696&_cst=1274&_cbt=1677&_u=YGBACEABBAAAAC~&jid=&gjid=&cid=926350045.1627782408&tid=UA-3637494-7&_gid=248249013.1627782408&gtm=2wg7s0K98NJ4V&cg1=%2Fnews&cg2=story&cg3=kolo&cg4=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd1=07%2F10%2F2020&cd2=10&cd3=07&cd4=2020&cd5=story&cd6=1&cd7=News&cd8=kolo&cd9=kolo&cd10=VTGDV3GYGVDUNNVGUPMMTO4HDE&cd11=%2Fnews&cd12=PageBuilder%20Fusion%20-%20Arc%20Publishing&cd13=Staff&cd14=In%20the%20last%20three%20weeks%20there%20are%2037%20cases%20where%20people%27s%20Social%20Security%20numbers%20were%20used%20to%20file%20for%20unemployment%20benefits%20through%20DETR.&cd16=Sun%20Aug%2001%202021%2003%3A46%3A47%20GMT%2B0200%20(Central%20European%20Summer%20Time)&cd17=%2B02%3A00&cd18=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F89.0.4389.72%20Safari%2F537.36&cd19=Increase%20in%20identity%20theft%20tied%20to%20fraudulent%20unemployment%20claims&cd35=gray&cd36=staff&cd40=default&z=375670394

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 31 Jul 2021 21:12:22 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16471
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 /
364bf52c.akstat.io/ 0
202 B 50ms
49ms Ping
image/gif 2a02:26f0:6c00:2b9::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://364bf52c.akstat.io/

Requested by

Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/2E2M7-67B4A-DL5Z6-QJNZK-YUVYQ

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:6c00:2b9::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:53 GMT
content-type: image/gif
access-control-allow-origin: https://www.kolotv.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:53 GMT

GET
H/1.1

200
OK

results.txt Show response
kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net/eum/ Frame 6C65
Redirect Chain

https://trial-eum-clientnsv4-s.akamaihd.net/eum/getdns.txt?c=pljeb6qyy
https://kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net/eum/results.txt

8 B
312 B

2766ms
1621ms

XHR
text/plain

95.101.27.37
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 95.101.27.37 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-101-27-37.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 01:46:54 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net/eum/results.txt
Date: Sun, 01 Aug 2021 01:46:53 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

GET
H/1.1

200
OK

results.txt Show response
fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net/eum/ Frame 6C65
Redirect Chain

https://trial-eum-clienttons-s.akamaihd.net/eum/getdns.txt?c=pljeb6qyy
https://fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net/eum/results.txt

8 B
312 B

48ms
6ms

XHR
text/plain

2a02:26f0:6c00::210:ba19
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net/eum/results.txt
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:6c00::210:ba19 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 01 Aug 2021 01:46:53 GMT
Last-Modified: Wed, 08 May 2013 07:51:12 GMT
Server: AkamaiNetStorage
ETag: "402e7a087747cb56c718bde84651f96a:1367999472"
Content-Type: text/plain
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8

Redirect headers

Location: https://fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net/eum/results.txt
Date: Sun, 01 Aug 2021 01:46:53 GMT
Server: AkamaiGHost
Connection: keep-alive
Access-Control-Allow-Origin: *
Content-Length: 0

POST
H2 200 v2xvoMkeIJNkcA0J7Gnxxrtovbmz6QZSbxs0jgujBwHd2eIsL11cbYNZROHT_RwKEqGdnbCtg Show response
reconditerespect.com/ 3 B
36 B 43ms
43ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2xvoMkeIJNkcA0J7Gnxxrtovbmz6QZSbxs0jgujBwHd2eIsL11cbYNZROHT_RwKEqGdnbCtg

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sun, 01 Aug 2021 01:46:53 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 3

GET
H3-29 200 container.html Show response
328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F567 6 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 01 Aug 2021 01:46:53 GMT
expires: Mon, 01 Aug 2022 01:46:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644667915703"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27995
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:53 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 36ms
17ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021072701&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd61ee5124d4e968a2a1cffd941e86aec827920d12a17b7db8846c5942095b5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8451
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame F567 3 KB
1 KB 33ms
14ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sun, 01 Aug 2021 01:09:13 GMT
server: ESF
date: Sun, 01 Aug 2021 01:46:53 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 01 Aug 2021 01:46:53 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F567 1 KB
936 B 33ms
10ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:43:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 830
x-xss-protection: 0
server: cafe
etag: 3558876194914413708
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:43:43 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F567 0
0 58ms
57ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CL-VqDf0FYbSTEM_t3wPkvb5A1LmQgmT7zoj5jw5kEAEg-b_DI2C5-MeA3AGgAdnS5M8DyAEJqQK3jaj_-eizPuACAKgDAcgDmwSqBJQCT9CN1xRmV7eyILCYlJjPw3NZ4OsCYyCTgcdSxwEpqQePE7z2zrpgYJ5EmI882tH2rgOaDeAkJ9AeC6XjhIYG5E5YQAgC-qzEFnnabSUnJ8SnYaciPtVfcX-7Itko2t-vLYPRY8XrqgPLRGp5_tAfeLFNMwgJYmMfHIg1I7XfwlBpXo_SKXj0rmqLCNyG6X0J58Gw5J4PTTE5Ch2RInabIWTr7C7uCuC4ILdZW0PKo1R47MQnfwm3gxF904rWdKkSyK9UU2LIwEXZcXvFTU2jwYiXWxcdez2CechZ1kkz6SWxfeTK47IEtn2ms0noQYAFnkDOWdkerBo6v5-WvxhnIivCjXjtSGny2-zamdRV2RBINlcHwATu89Oc1gPgBAGSBQQIBBgBkgUECAUYBKAGLoAH-LGtNagH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBCbkgrSCAkIiOGAEBABGB2ACgPICwGYDOXCu8_RA7gTgwTYEw7QFQGAFwGyFxoKGAgAEhRwdWItMDg4MzEyNjcyNTc3MzAyNg&sigh=LANxqvEOp6E&template_id=515
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame F567 18 KB
8 KB 26ms
5ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1111
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:28:22 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F567 2 KB
1 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:39:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F567 124 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:53 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame F567 14 KB
6 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1365
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:24:08 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame F567 0
0 33ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTXUKS24qK7LNNRhs05-PJ-nS-6tsKnQS3JpXQA4sHKE2OwLal-T75Bfg-2F7QfkhgTuKnv4bPYMafIoyy2KO7zO5YhVw
Requested by: Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 638cf57158770915db314ccd85b2248b.js Show response
www.gstatic.com/mysidia/ Frame F567 26 KB
11 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/638cf57158770915db314ccd85b2248b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 18:06:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114014
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10810
x-xss-protection: 0
last-modified: Tue, 27 Jul 2021 00:49:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 28 Oct 2021 18:06:39 GMT

GET
H2 200 10074023703360132787
tpc.googlesyndication.com/simgad/ Frame F567 3 KB
3 KB 28ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10074023703360132787?w=100&h=100

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 30 Jul 2021 09:34:56 GMT
x-content-type-options: nosniff
age: 144717
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2998
x-xss-protection: 0
last-modified: Thu, 10 Jun 2021 09:21:26 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jul 2022 09:34:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:53 GMT

GET
DATA 200
OK truncated
/ Frame F567 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ecf18e451c40429bffc83a1c654c2a202247ef96437cb864a148f50849b4acba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 993C 12 KB
5 KB 20ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Sat, 31 Jul 2021 18:05:04 GMT
expires: Sun, 31 Jul 2022 18:05:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 27709
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4C76 783 B
532 B 28ms
27ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f7353befad1c1a787eb99dbd50d91ba96b0bfa0b59eebce63104e2f4cfddcc4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DmkOJRt/iMpyG5vnjqwBhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

expires: Sun, 01 Aug 2021 01:46:53 GMT
date: Sun, 01 Aug 2021 01:46:53 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DmkOJRt/iMpyG5vnjqwBhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F567 21 KB
21 KB 30ms
11ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:22:18 GMT
x-content-type-options: nosniff
age: 429875
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:22:18 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame F567 21 KB
22 KB 21ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 13:46:22 GMT
x-content-type-options: nosniff
age: 388831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 13:46:22 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022107200040000/ Frame F40B 188 KB
55 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022107200040000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74098b59023dde77ec8c75a48ad6509ef8404dffe131152181b90e3030c8d942

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 362996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55132
x-xss-protection: 0
server: sffe
date: Tue, 27 Jul 2021 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b0e0389ab71ebda8"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 20:56:57 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022107200040000/v0/ Frame F40B 13 KB
5 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022107200040000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 362996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4808
x-xss-protection: 0
server: sffe
date: Tue, 27 Jul 2021 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "82cb572e3b54d217"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 20:56:57 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022107200040000/v0/ Frame F40B 87 KB
27 KB 39ms
18ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022107200040000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 362996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27828
x-xss-protection: 0
server: sffe
date: Tue, 27 Jul 2021 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "2309f93374d1f64f"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 20:56:57 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022107200040000/v0/ Frame F40B 4 KB
2 KB 41ms
20ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022107200040000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 119350
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1648
x-xss-protection: 0
server: sffe
date: Fri, 30 Jul 2021 16:37:43 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "0ef177dade489237"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Jul 2022 16:37:43 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022107200040000/v0/ Frame F40B 40 KB
13 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022107200040000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 362996
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12831
x-xss-protection: 0
server: sffe
date: Tue, 27 Jul 2021 20:56:57 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "896e0bc3d66ccdf5"
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 20:56:57 GMT

GET
DATA 200
OK truncated
/ Frame F40B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c0c3c8a219677eaadfee1947adfe77e0f0d86579dedd4b652ab398f891c4196

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 18007140288022914656
tpc.googlesyndication.com/daca_images/simgad/ Frame F40B 17 KB
17 KB 83ms
82ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/18007140288022914656

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

81ba613b3aa0b306f5960b1fffad3c4ac5a672139ec21cedade2bcaafbfc7362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
last-modified: Sat, 13 Feb 2021 07:14:19 GMT
server: sffe
x-dns-prefetch-control: off
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17811
x-xss-protection: 0
expires: Mon, 01 Aug 2022 01:46:54 GMT

GET
H3-29 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F40B 2 KB
2 KB 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 03:19:18 GMT
x-content-type-options: nosniff
server: cafe
age: 80855
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Sun, 01 Aug 2021 03:19:18 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame F40B 295 B
319 B 7ms
6ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 31 Jul 2021 13:07:41 GMT
x-content-type-options: nosniff
server: cafe
age: 45552
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Sun, 01 Aug 2021 13:07:41 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F40B 0
0 58ms
57ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CW9J9Df0FYdKVJdir3gO1n4WoCtiXgcdj28WWn-gL5dPa05QaEAEg-b_DI2C5-MeA3AGgAd7XhbcCyAECqQK3jaj_-eizPuACAKgDAcgDCKoEoAJP0CUzd4OZ7Zo_9MLbpPAeOQYwT98g_7z34nQXRauL7Fzpai0Ss6yL3OgkkwzrRVTiU6IFgbXbots-cM7Bf8hiXg2FYJ2O7lUYY5YbpPsV1pa3QJyJSiD1vXouphmGxbg0XqSgwPAhSb91Y3mi8LMTnoIOlX7jbsNJTgWR9dwR_TfAxnHqTgDfUKcoDB2BNZkKmkCp-Jd-wwxXf-kLkmDeU95kQQPCVhkTzqit-jS13PgeJ-H6110K5bf-XEYf_aJxlwz614a6-epFDNbz0bELy99fDKJ0plpA7oq2ISV7J58GY7A2NJG9BczHYzxwZtmBD01Q8ySqJDIB9hQOrqLgaYCHH1ATJEokEPCfhaXg6ZXc3mTAoQGYJXz94Z4kpajABK7Gr-X5AuAEAaAGAoAHiqj6yAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQiJUG0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=zyfJdykciVo
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js Show response
pagead2.googlesyndication.com/bg/ Frame 993C 35 KB
13 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/5DoHiAB8gciOXy4tN-30Samgrf9Qq3bIy1sciudvWGA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 21:06:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16811
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13434
x-xss-protection: 0
last-modified: Mon, 26 Jul 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 31 Jul 2022 21:06:43 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame F40B
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

33ms
14ms

Image
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
41ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021072701&jk=504986625198968&bg=!FBelF1PNAAals0SOpbM7ACkAdvg8WubmrsL-8I36Yz54cmx3PJCJM1T67wXg6hWk-WMKUeq_pwn9RwIAAABvUgAAAAtoAQcKAOBpB0v-6D0_PdihBAJ6YH2R24lF3JMAkzziOfrc84OfZODuGSZp5yNK_XRGd4br8UdhgMV5cfFyQlNC0glyE5gJVbtA2cZKZ0ACPPd0EsOfREqECMzxlhkkGZVR-aYqtXzyHE2Boimjmfbo5lAtH6MJcrVEvJNSRF_LL8jMzK5mBzjePsQMCM7ouadwagmPMdGlcp9nzPgMCpT-leZC0aNPgzZuDjOXqMKUuCRXAy-3vb6vZOnF1VRnnRhmD9m2EFiBqQziSWGWE3AUhBG78gxzA0pqc5CnssHsMj2EzwX2WZkCbHJFP2BIJOOLSbhfbXxkERANapJVyqzGrqxThmLT_F6GNUlzoRAXYcUZvzyaZ4ABDxn2uw6y-elmHfbEGS0-oUq1ktkbP1o09M-eznFQomTMqjGKzQLm2h8amxrpdYEgNYMo33AdpMRfVpRcxEox6hsXm0rtWL5BwHg-fGpIhI8xt_1k5Hp2X9z_MPPSZ8pDRtLE0FMkI7BUtMNnjeWb_ltOGSuM1zheXS8bfFLQYarUvarR39Gt3SZYmfUwmD139uCruk_aIv0-JWA_ZecapQGqEQRQ4XltEsMZFi_8R-OxtsUBD1EiONKtFuj10zRZihEXVkIkdHTfy3bFsEotCRc5Adq6_D5kedqfG7OVcFU5cXf9_RkRPVZwVy1yCH-zTOLtybzvhAMQQOlz7b-5csuI6n4aTUl36XuPeqD8NiCm6m9EP22_2yPh9Ids5oernQXhdrPP4sd3SXIoM6IwJndmuMpm-oY3yK_XUpkKgBhrOzCUa23FUJxlBsT-ia0lnhlsKE_SnN2_mJ8We7XZY2vjsEZWDzI9ycc-Aj52U0a-WXvfke0GHXasBNv59Df-ghyEmedL1VDuUFThb32YZYm12RFgVmni0TopnJC-_3lCh7ZH1NY-bY2QOExwmaGYavV-VbkrXYbsad0Vn5CXdG9oaFjtnX6AsGblXs1Eo_WfEFEiwkLmsuQt39vzJ_ttN3xbCnfABEw8gZBh1RPtbI6BSjCaFUz__ft0FVWiJzX_b8hFatFMseKStdXixyQEHGmKOeUwDS9XZhB61tpkQUmny5pyMGyzvnRWd1JbQsQhQpT2EoksbOeeTYba

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07DC 0
0 59ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5sDeVJgq3hCcsvNSGrFKr5JX1xdRrfyGdJsNyiGYraKKX4FNiGETHlMQW7Bwvch2KZUbr9TceS8Q4E0-vJfLFzF7wwgvzVLYEnawNNeLp3Pk3wupEko-9JrNjJnbg5Z8kXCwsTSS3h-mT7B4NwhjJVXWPp-_dSokqSNg0FtC4SZTlXecseSmiusyCaVrwYkMu9eewnF-bvr47ycSBRpQUKp3buW8aCVeJ1HFKNyj0ON4QZsWrZSr1t2W7-xMyQpjKPbupCDP6LS2wMdGMS8olZhp1iTANVIFjEnt3DwKHRwUE5wm8gHTQKfbx4qPFvVwc3lJD41_JlA&sai=AMfl-YRlE4oEb_pD-IqxbkCb6khxjaMh2dMrnz3AnKmGfdYqFULT-S8xB35OVs_pgpSVuyw3ff1cxI49etQKMpswUs6ao-cgvTKi-VNN4BcHc0TujeUD9B6uZxIuI9WsZk4&sig=Cg0ArKJSzL-bprmBca4NEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 07DC 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:39:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 07DC 124 KB
37 KB 28ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 07DC 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTqjIjRYtGEXioRYgZb3miJ9c61imuyUrkjVfFXopGyAI58uzpMq2ti4HhLBO9UhvlHfhQnvOH1_sU8vBiFsifwH9ziDg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 16097075946213693021
tpc.googlesyndication.com/simgad/ Frame 07DC 47 KB
47 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16097075946213693021

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e45cde573b366aa1bbc122f60c550dd2614b5cb0a88326cab46e68ef036aa66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 00:16:14 GMT
x-content-type-options: nosniff
age: 437440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48473
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 18:42:30 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 00:16:14 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 07DC 0
0 58ms
57ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyNIqn19O5UcQi8cJ-PASertD_foLBmGK38d_avEhHEdo2N6MthMPzo9qdijFrxh1Wo20aMEqVYrn1zRCTqffHRMzM6S3AwkO-V9lefE0Qj_Uz9zuO94Jb3PB8gD1SDr76II9fk4Vh66a3UPNrQHre7z7HxGiA60M4rL23jqQY6oERQ4-IGvpgx7uhtrTU5LPmvGPT2HnKlLLxAlczSI2mb424em_cehnduc9wWpKqZnaXxw6ZUA8bvJb1aRY7XXtjyeuslt6YtNk57sVz896q-s6RCZ4n_lVuNZacMlqRexmkOgDilrp_gMak9Q&sai=AMfl-YRUKldu-xyAa8HhkREZjrC1YWA5ag-_QrWxhBP9SVpCxxFiKZBdC055XhGRH9RvhezohcttF9GhvexjAI_6FTYN6Z1WO5mmcGGjYfYExfQFCpG8X5YzwgMD5gHWQvU&sig=Cg0ArKJSzFkbUM1WSWX9EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 01 Aug 2021 01:46:54 GMT

GET
DATA 200
OK truncated
/ Frame 07DC 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f06b9e2f99c3e18904a11caa78a63efb7cf2ebc280a3d9e92d95cc9a7e4a7fe7

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69DE 0
0 87ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3CNnbrm9BOlt0zGbQ-WGtI3ik178mndT0Mk4_iJXzYFW4qOVAzaaCUhedBKfrZJbkr-0n1_86MAWyaTl5whh59fxnPm0jZ4iC2TlftMN-Ymbhxqx9KEkeO1zReX5F6K_ZCiT88UXt-nhGGy00VZMAjiLGjooPTOg0qVXwZiIQjoeSIIdCxZHdH1RtjqWEAjofRphPSKsT0pVKciMqYWFOFuLV_k5E34-Y6HlYIWweNhNqd7Bx7ji_Mt630CKcltXjBTljQ9274gznciR_3a19CBHwdCE_gXoof7x8L0actI22UjZ7w2saF8GxQOY_kTaxDu8dkbC9Uw&sai=AMfl-YS_Ffjq5ukc8iYpA1d4Z2nAQnPHGI135aduShCpSzsCiXRkjcJetXsXZ2BRhjbFoFo7tIfOcd7QfhutH8-BkJqc4kfrHSOgYI1k0u3T8Y_FLYMoZig4Q-Ayt1DRnj8&sig=Cg0ArKJSzFArizOlwCSVEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 69DE 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 439
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:39:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 69DE 124 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:54 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 69DE 0
0 17ms
16ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS19Eo4h95cSJFM6-jxqm8IpW8x4p41jafF5-7kYBybx8ue71TjCCUq7F1wjZ4qSr_Ls4Cksp5bFDirA6OoUwBNVSZSTw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 14871554273649431464
tpc.googlesyndication.com/simgad/ Frame 69DE 51 KB
51 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14871554273649431464

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e7930f8e5c76efeaed63af39a7f5f482ef64075cda8217a0ff29facbdf5deea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Jul 2021 02:35:21 GMT
x-content-type-options: nosniff
age: 429093
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52125
x-xss-protection: 0
last-modified: Mon, 21 Jun 2021 18:41:51 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 02:35:21 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 69DE 0
0 136ms
135ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstOeGfIWeRl0hp9TWoYFW8YVQzMujeNCKObV1tYDw1Ln7rVtP6X5iJlsKbnLGQLiGUHEMoBGuMPlK-g7onHfbLZqNnE-0A3ZyjsmYcIQnoItF3KW7nuy8WOsY_-7ekvtXrY_IbCgRz-lVwa2mcxivFceE5LSNVEaDYk1j4UAa205drjFx1PmlGREZIwwjEk3gkZb8-oPrg62IbJggE3VkLHER_gQnlr2iAOy5nJZi4kjOKkDEGtPigR8ETSl1dZ8J7_6BWSXZfkQgq6_i6WvWqFIJrB4c9v6WlsWT_tN_pv5PQ_x4U9Owrq9Hvsig&sai=AMfl-YROG3NtdR9QCBqdNjBWcrtatQr-N4WwlpURdj52ueUIn2WA1_gYVF0dN3LaG7J47-kp9x9QGbtnVGjoAej8tTe0TJNoNh4HEBgZPWVnT1xMeCHQHhreepvjGTsoAWs&sig=Cg0ArKJSzPYNYAKfwBbXEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 01 Aug 2021 01:46:54 GMT

GET
DATA 200
OK truncated
/ Frame 69DE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec044467c708fc97af9b50056366054f53175b0af20b00c38cd3eb03a7b5f390

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F40B 0
0 60ms
58ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cql7ZDf0FYdKVJdir3gO1n4WoCtiXgcdj28WWn-gL5dPa05QaEAEg-b_DI2C5-MeA3AGgAd7XhbcCyAECqQK3jaj_-eizPuACAKgDAaoEoAJP0CUzd4OZ7Zo_9MLbpPAeOQYwT98g_7z34nQXRauL7Fzpai0Ss6yL3OgkkwzrRVTiU6IFgbXbots-cM7Bf8hiXg2FYJ2O7lUYY5YbpPsV1pa3QJyJSiD1vXouphmGxbg0XqSgwPAhSb91Y3mi8LMTnoIOlX7jbsNJTgWR9dwR_TfAxnHqTgDfUKcoDB2BNZkKmkCp-Jd-wwxXf-kLkmDeU95kQQPCVhkTzqit-jS13PgeJ-H6110K5bf-XEYf_aJxlwz614a6-epFDNbz0bELy99fDKJ0plpA7oq2ISV7J58GY7A2NJG9BczHYzxwZtmBD01Q8ySqJDIB9hQOrqLgaYCHH1ATJEokEPCfhaXg6ZXc3mTAoQGYJXz94Z4kpajABK7Gr-X5AuAEAaAGAoAHiqj6yAGoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQiJUG0ggJCIjhgBAQARgdgAoDyAsB2BMD0BUBgBcBshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=BnmSn3XR8Oc&vt=1
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F40B 42 B
64 B 47ms
46ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssqBwIBoEuEvpCxXQlaAIDCvfwrCI_34L5okBm31jiD0F02SGv8V5YKxzVcsekmxsf7JwlLLOxWfnN9Fg8uW0idiTPquJVUS6LVjRubTjfVRXRAY6SjVtsu50fH5_4GUKEkUWw2s4Unj4kZSQvV_zvl&sai=AMfl-YQL2w68n1TBdQIHAuRq7VC7lcoSDIS5A24ETy2NiEY-JX9HbM_WE-zLbVdKFzG3hWzCnPKihkjGBauxlp8vV_jcxsT00q9zj3lce4NG9Aw6AIR4kGaAQNaiIViBc-o&sig=Cg0ArKJSzDewumNjgdRAEAE&id=ampim&o=288,1110&d=1024,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=87&tls=1088&g=100&h=100&tt=1088&r=v&avms=ampa&adk=3962307085

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34B6 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.kolotv.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.kolotv.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Sun, 01 Aug 2021 01:46:53 GMT
expires: Mon, 01 Aug 2022 01:46:53 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 19 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

26030ea37d9e08236adba542c74d508bb0b45a3830db2003616d1c31f1371367

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/4974159998619265864/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Wed, 28 Jul 2021 00:37:20 GMT
expires: Thu, 28 Jul 2022 00:37:20 GMT
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 3589
age: 349775
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 34B6 0
0 57ms
57ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd5fgDv0FYfHlLNba3wPv24ugDLvnj_JjxrPN_psN29keEAEg-b_DI2C5-MeA3AGgAb_568UDyAEJqQK3jaj_-eizPuACAKgDAcgDCKoEnAJP0DQx7yRgnqoWf7j3WUQwOhdAW3wTo2DhOCFYma1gAZA2o17AmEFd4ag_OZkoVMAQEu04lOszg-XuFZwsWXItwul9xQAHeSSt74QM2oCNMt8YmbB0WKxf22_l7kiIyOPYHQFrBc_K1xxD7tE3CYi3NTf3DA6TLXxPyr_9medMVx4D5yoLVqrv3e3Pd5xaJ_YpJm8Jg0GiP8ujYBpdK1kTEwH_oOFwicmY5A43d1kJYdu3S6aFgOsHLKAojOFKE_d66aE2f9p2KYpz1kMwEl3vv1Igyv4mBKnUyM6hnaYFxQL6dNRjIhTJekrEgdhHDxpQE6AWuWKt73-f1WyXk_DKxqQn_NUUHsKoQHJvfwlFCMjCGgOaQGPUJYjXNcAEkJ_-rroD4AQBkgUECAQYAZIFBAgFGASgBi6AB6mGlDqoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQhvYG0ggJCIjhgBAQARgdgAoDyAsB2BML0BUBmBYBgBcBshcaChgIABIUcHViLTA4ODMxMjY3MjU3NzMwMjY&sigh=I2BgneenA8Y&template_id=419
Requested by: Host: www.kolotv.com
URL: https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/ Frame 34B6 18 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/abg_lite_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:28:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1113
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7612
x-xss-protection: 0
server: cafe
etag: 18375530890449129318
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:28:22 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 34B6 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:39:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 34B6 124 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:55 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 34B6 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:24:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1367
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6207
x-xss-protection: 0
server: cafe
etag: 18081889583213459188
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:24:08 GMT

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame 5A81 9 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 23:05:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9667
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 01 Aug 2021 23:05:48 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 5A81 26 KB
10 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 31 Jul 2021 18:31:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26142
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10382
x-xss-protection: 0
server: cafe
etag: 12806417668659483808
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sun, 01 Aug 2021 18:31:13 GMT

GET
H2 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5A81 57 KB
23 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:82b::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 Aug 2021 01:46:55 GMT

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04A5 143 B
163 B 6ms
5ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltuE5MrmkXTZNGBayWjashP3MQuafzSxKAi_AF1eetlhnPNFh1eka1cqr0UYY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sun, 01 Aug 2021 01:16:24 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1831
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 34B6 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8f5e335f6684c6cf0a8408360aed8f5854c64bd4b1a2d15abe4b34867836ab2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 07DC 42 B
64 B 53ms
39ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFMhR2pF7-h_ATeqiexcDfQc0xJa4E27F_ZzBAy7qJaHkNsLwhvUu05LeSxQlGub1LpTq4gtIfbjERH0P4JtCQxW7rvUhtu8N34FKKCB04lS-tCvU0&sig=Cg0ArKJSzC4mM80eduKOEAE&id=lidar2&mcvt=1011&p=99,436,189,1164&mtos=1011,1011,1011,1011,1011&tos=1011,0,0,0,0&v=20210730&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=1764353783&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627782414227&rpt=59&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 5913e75e6c513383fa24401500837f05.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 2 KB
2 KB 11ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/5913e75e6c513383fa24401500837f05.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e0083ebd804f6189719f6f6ddb52f9c627e802d88f52164047b2f60d8f6234f5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1761
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 7dbe08cbed540c40a808248096b81661.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 874 B
904 B 10ms
8ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/7dbe08cbed540c40a808248096b81661.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4cd1bec59279fa984a355b00771a938a6610f43c43d0615d5400c4082a719fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 874
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 31a4b7383d62f08275b70fb7f0e2132a.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 8 KB
8 KB 9ms
7ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/31a4b7383d62f08275b70fb7f0e2132a.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

023add6782303acda5d6e94937f0cf62592064481167baa0472e2aa50e96a615

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8072
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 c058116c162c48aca5be1ebc9ac377e2.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 3 KB
3 KB 11ms
9ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/c058116c162c48aca5be1ebc9ac377e2.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e9bd7db5857b4d6fa206dd3c72f47f6009217e1e7dff3d0b70fa6281a7c951c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2822
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 002b913cb903e48b8e1b4c16908a5c93.jpg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 2 KB
2 KB 13ms
10ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/002b913cb903e48b8e1b4c16908a5c93.jpg

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9802e2ddc8288f29ee76fccf75f9f61b90f97dc51c06fce76a747ebf7c2483c0

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1613
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 dbe380f8ee37f202ba2a6a39c1c3f91c.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 782 B
812 B 12ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/dbe380f8ee37f202ba2a6a39c1c3f91c.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a63e91cdc8bfc63f3ab04812969c51afe4a0e0a5a57fde59b7aa0d4de0a5fbdc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 782
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 a50eb23a2d2cac05f57734823e1bfb87.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 760 B
790 B 12ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/a50eb23a2d2cac05f57734823e1bfb87.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

664f5f0b6fbfe5bbc3dffc1f91337f18f9ab62d3bd40ebcf7dc739ae6b5dbe9d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 760
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 48705986ce237122d707603ae08e4c24.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 5 KB
5 KB 11ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/48705986ce237122d707603ae08e4c24.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14276e70c9e30006917c3738ba7e71f715f53bf34f85348f15bd03d056286bc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4876
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 770e10d80a95bbaef3b45691bb779768.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/770e10d80a95bbaef3b45691bb779768.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb7e54b920ffa79faa5441b656777efb1811b72c1236f71a56fb6058107fc2aa

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1151
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 3fe533fe4300a6cbc43acf90fce91f2b.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 978 B
1008 B 13ms
11ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/3fe533fe4300a6cbc43acf90fce91f2b.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c7bc0fdae67d8d2203d55dabaa7d201cc21518fd2597a115ed7ec8801a886a

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 978
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 1da153e6f49003c313a70f4b51d49590.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 17 KB
17 KB 12ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/1da153e6f49003c313a70f4b51d49590.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97ee8ed692637cd3481442c587855890c11fc853024be775a6a1beb4270bc461

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17361
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 1cc463b248d8abb1ad27fcdc429b6ad5.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 622 B
652 B 12ms
10ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/1cc463b248d8abb1ad27fcdc429b6ad5.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4e67d66ac8892902ebec5af1c3f9f87060c756e10e247c521edbda55680f31b

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 622
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29 200 d82be363e087ec5d56efbb6ca65c80d6.png
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/ Frame 5A81 7 KB
7 KB 12ms
9ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/d82be363e087ec5d56efbb6ca65c80d6.png

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/4974159998619265864/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

303800b6a6c067df67fa07119aa5cd95e183187e61756c5b410fdd0371fae27d

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
x-content-type-options: nosniff
age: 399237
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7410
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 13:07:17 GMT
server: sffe
date: Tue, 27 Jul 2021 10:52:58 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Jul 2022 10:52:58 GMT

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 04A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

14ms
14ms

Document
text/html

2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Host: 328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
URL: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUltuE5MrmkXTZNGBayWjashP3MQuafzSxKAi_AF1eetlhnPNFh1eka1cqr0UYY; test_cookie=CheckForPermission; DSID=NO_DATA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 01 Aug 2021 01:46:55 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Sun, 01-Aug-2021 02:46:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sun, 01 Aug 2021 01:46:55 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sun, 01 Aug 2021 01:46:55 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60D5 0
0 59ms
58ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstdNAE2rGmSSAdIw-vWwiWA9HE6mdItNtKGK1n3Dg5jOKs7eED-YPxQQNKPs4_M_WLzvzT3oFzx9p_XA0_kJ_saL-rxRcv3jdAn0hogQvlakHDdTjAY3DtScYGZafTqPPuH6JRNbOhMtVNxK4YlXZ9ZptRHzfUJLeil6mIBAbidHnUg7U-Fh5CFdHZzeHxjCj_vghQRfdhaR4PAJ7M6MAWkaqj597HHjVw4T_7WG1QoGUCGK_tdwJvqHtjdxpr7JPOAeMx2sIUN6xANo3NsxzhBgenovoHRaNItpef_Z9s5J7cojg86wAcc&sai=AMfl-YSnMgbYl20OV3RmPQF1WHRbig0opbymeKKeYZ0HFQNY0AyOSgYOddW8uND8IV0oOP_f2ba2GECwtDKs1DzpT5m2sgYF9yy7IUO3QNfD-kSbpxeuhQIV2Sp4a5mwcfw&sig=Cg0ArKJSzF_NTaGqnGd3EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/ Frame 60D5 2 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210728/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:39:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 15 Aug 2021 01:39:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 60D5 124 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 01 Aug 2021 01:46:55 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1627644660751711"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38134
x-xss-protection: 0
expires: Sun, 01 Aug 2021 01:46:55 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 60D5 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTIfVUH4LxX69Ly1TO5fxzvZPLAJ_PA_JZaF76sBQq147CM18L8Kg0g8QhdyIeOCVKKOU30o_Lht5oG2-TNJlZLuPc0jQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 4946756854992282874
tpc.googlesyndication.com/simgad/ Frame 60D5 50 KB
50 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4946756854992282874

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021072701.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d77ea6309cb467064d2259c221b226e8a852a4465d91aad1b4104c84a1f3e1f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 28 Jul 2021 12:01:41 GMT
x-content-type-options: nosniff
age: 308714
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51218
x-xss-protection: 0
last-modified: Wed, 23 Jun 2021 23:16:42 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Jul 2022 12:01:41 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 60D5 0
0 86ms
86ms Fetch
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu1I5Pl0WGNBXh5M_kPE4DuULoEEmwzxT9QqrUBgJWlX7Moek7K0VuNWfKnWCwcLpB6YsQ2KjGDTCeehB7URp6RsZsiumZDD91OteFvPWjB4ha6qDnuly27y-dWwR73CUjD01iJk0FkvNiDhFn1tqjP2kmnFAlEdMShYlVk2qWLidhXhR1S2ljLxj5PmJCuCqc5MM0poZO6g38Bvq6lGSw-q760UkQV2jO-stg4rRtBfdO6pvz-cz-o2-VWkElDeSWTNwa9LVDDOOLzOvU4CvonT3kngi6R-4SbqUQbRTJ_86TeC9bCOdJJ544&sai=AMfl-YQire4IMEFq2x1kL2f8e550LqJ4qGABZj-VZiy2dlLiUNv2zM8tw_vrhwsOMzQ2_vwZblyHJX0aYtbSRaSuonOKanluhRlfHqKvT4gvtWbHPpEz5D3Vg2Rak1_0FR0&sig=Cg0ArKJSzIB9Vglc4XnGEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 01 Aug 2021 01:46:55 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Sun, 01 Aug 2021 01:46:55 GMT

GET
DATA 200
OK truncated
/ Frame 60D5 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1c2294206c760f3ed66f42c9b4f4d41c4fccc0cab5960a79f5574ce012957d06

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 34B6 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvuvn3lt4NN09lRTV12_sXeApD_YRckPQqddtneOjI9-US-_sFhWoSq0NxDBe6pE1hMngOwolCPtVb9awtNDmgGnqoIFTK_CisAM5v4NN5KJ_dBHjBK6Rgt46VEMw&sai=AMfl-YT72sugkyHSENfTmGPQzuaMM6D6zJ9QQnx7HAa9iO4bU2I2_awP9qTgCIQSQIo9QTovep7C3fAaUmBKOcXE_6PHAsiYIQcoqE6liSMoOFyrfmchcd3Rgi_SDGikWvY&sig=Cg0ArKJSzNsUgQVMxuqoEAE&id=lidar2&mcvt=1000&p=240,1135,490,1435&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210730&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3825047885&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1627782415218&dlt=9&rpt=2&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 01 Aug 2021 01:46:56 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 v2ijbLJCdMJyruPbsYZse83NuQ_--hgq_PwLKQdWcl3Klm-ZVhnF1kP_-JB2gfstv4BwUgiss Show response
reconditerespect.com/ 197 B
280 B 31ms
31ms Fetch
application/json 35.201.98.64
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://reconditerespect.com/v2ijbLJCdMJyruPbsYZse83NuQ_--hgq_PwLKQdWcl3Klm-ZVhnF1kP_-JB2gfstv4BwUgiss

Requested by

Host: reconditerespect.com
URL: https://reconditerespect.com/v2ifvwqPXE9BFrH8cuq6EjcK57ICvp7Rg1NTbeoWDvSiagk8PzI4p2yLt

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.98.64 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

64.98.201.35.bc.googleusercontent.com

Software

Resource Hash

015ce7bfbe89aa3374c3db36b67773f533e737d0caa365c3d49789b3cc031b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; preload

Request headers

Referer: https://www.kolotv.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

strict-transport-security: max-age=15724800; preload
x-datacenter: gce-europe-west1
date: Sun, 01 Aug 2021 01:46:58 GMT
vary: Accept-Encoding, Origin
access-control-allow-methods: POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.kolotv.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-hostname: 0586a9fb
timing-allow-origin: *
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
content-length: 197
expires: Sun, 01 Aug 2021 01:46:57 GMT

Verdicts & Comments Add Verdict or Comment

100 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.kolotv.com/	1970-01-19 20:09:42	Name: _gat_RMD Value: 1
.kolotv.com/	1970-01-19 20:11:08	Name: _gid Value: GA1.2.248249013.1627782408
www.kolotv.com/	1970-01-20 04:55:18	Name: usprivacy Value: 1---
.kolotv.com/	1970-01-20 13:40:54	Name: _ga Value: GA1.2.926350045.1627782408
.kolotv.com/	1970-01-19 20:19:47	Name: RT Value: "z=1&dm=kolotv.com&si=1uy9q9hp3jo&ss=krsjm8aj&sl=0&tt=0"
.kolotv.com/	1970-01-19 20:09:46	Name: AKA_A2 Value: A

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=183(Line 22) Message: TypeError: Cannot read property 'gdmHiddenWeather AlertsAlert' of null
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=183(Line 38) Message: TypeError: Cannot read property 'gdmHiddenWeather AlertsAlert' of null [object Object]
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=183(Line 22) Message: TypeError: Cannot read property 'RCTempPreference' of null
console-api	error	URL: https://www.kolotv.com/pf/dist/engine/react.js?d=183(Line 38) Message: TypeError: Cannot read property 'RCTempPreference' of null [object Object]
console-api	info	URL: https://cdn.ampproject.org/rtv/022107200040000/amp4ads-v0.mjs(Line 6) Message: Powered by AMP ⚡ HTML – Version 2107200040000 https://www.kolotv.com/2020/07/11/increase-in-identity-theft-tied-to-fraudulent-unemployment-claims/?fbclid=IwAR1_wADxU4i9aghqmr-rUVcEHcOjDvYFGJK3qUze_pKeOWXCG8ugoV3p8w8

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

328768522572c50ec1e7680a4578297a.safeframe.googlesyndication.com
364bf52c.akstat.io
adservice.google.be
adservice.google.com
c.go-mpulse.net
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdnjs.cloudflare.com
cds.connatix.com
d1d3jupgwm7m5r.cloudfront.net
d3agakyjgjv5i8.cloudfront.net
do0bihdskp9dy.cloudfront.net
fiaqj6absjkbikqce3ygyaaaabqql7in-pljeb6-f1f9ae1d2-clienttons-s.akamaihd.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gray-config-prod.api.cdn.arcpublishing.com
gray-kolo-prod.cdn.arcpublishing.com
gray-prod-cdn.video-api.arcpublishing.com
gray.video-player.arcpublishing.com
images.outbrainimg.com
kjtbhcc7munskyif7ugq-pljeb6-d6475f27f-clientnsv4-s.akamaihd.net
log.outbrainimg.com
mcdp-chidc2.outbrain.com
mv.outbrain.com
odb.outbrain.com
pagead2.googlesyndication.com
polyfill.io
reconditerespect.com
s.go-mpulse.net
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.adsafeprotected.com
stats.g.doubleclick.net
tcheck.outbrainimg.com
tpc.googlesyndication.com
trial-eum-clientnsv4-s.akamaihd.net
trial-eum-clienttons-s.akamaihd.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.kolotv.com
13.224.96.100
13.224.96.92
13.225.87.112
142.250.184.226
151.101.129.26
151.101.14.132
151.101.14.137
2.16.186.170
2.18.232.28
2.18.234.190
2600:9000:20eb:7000:8:48e:53c0:93a1
2600:9000:2190:fc00:b:5584:2800:93a1
2600:9000:21f3:c000:1b:7b40:7bc0:21
2600:9000:21f3:e000:16:e423:f180:21
2606:4700::6810:125e
2a00:1450:4001:800::2003
2a00:1450:4001:809::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::2006
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c06::9c
2a02:26f0:6c00:1bb::11a6
2a02:26f0:6c00:2b9::11a6
2a02:26f0:6c00::210:ba19
2a02:26f0:6c00::210:ba91
2a02:26f0:6c00::210:bb11
3.22.136.188
35.201.98.64
50.31.142.63
64.202.112.95
95.101.27.37
00758f40607bc5d56f029f03409eb1bc7e85faa067ad418ac1ad409aee6c50a5
015ce7bfbe89aa3374c3db36b67773f533e737d0caa365c3d49789b3cc031b44
023add6782303acda5d6e94937f0cf62592064481167baa0472e2aa50e96a615
069a660398be8db8f9b6d8dad3f052d9a061b697b5354c24784c62d3df0a82f7
09b8a233a8d0129804836aaa57d401962ab8026d520507ccd3470ced33d75b1a
09e4f0b788966ce2b1bf0a3c5af62dd6179e29662299e37e64f6a05c2af6b5f4
0b451292d6bd71211242ba4f97851d5adbba5c8aba4de8a4ea7c635711104249
0c447973530d4fadf98caaabf0919752f0ccb658f486fd29a473e060b74edd1a
0e5cc0e72c3b89f5345e3e04ae5db4fbcb91daff763a05f6fbc1d0783f90918d
1020d4ced502ebdf4a119dc151225157786d44d4a651686ad2bbdeb95d892a86
1046e8f1a8eca3965f89dc69299d131f362e1077a0d10e1de6eae3b65f6fbc76
107c64079e2c420ea5e5d5beb00ecf61f478c3c760c6b45bcc926491721accf3
1265259bb7e9869d0669aff14986f17d012a835a7974f0b2e6a522221487c785
13166ae4f3ccc9cbcbc1211420b277c6c36396a75f01c3f7f05a3df28005c06a
13c3ad86a8c876e675435eff9b0a747fbf099ad965e46bc2f13fd5e165c307d5
15171b9c56b8ad36dcdb47fd61fef088477c6db266862c0a77cbaca1bc8fbf44
159dcd54082c2061a80aacfd427a6d6e66d33efe68a861d8858b0021f83e79ab
163ad32a13401b1f5387b23c7d749fccac8da49e9914584fe3aca42884532c09
172ecde3db13e66cf99995d63de308e2d6e3fdeb1a99dfaeec136f4862eb1573
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18acebd020c26751fc32fc6e2a2eee60af62cd839938416b8b89457aea93c285
18c327afa903633f86c3efcf12b77f098077eacaa8be101bb007846fd74f8b93
1c2294206c760f3ed66f42c9b4f4d41c4fccc0cab5960a79f5574ce012957d06
1c24874277416ebbff07fe854cf053e98762f91b2603439b4e26b93fefe2abd3
1c3f4a047c5ddcce8a03d02d2d271a2edefa6b3fb8996991c4c54e1727b30f92
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1e9bd7db5857b4d6fa206dd3c72f47f6009217e1e7dff3d0b70fa6281a7c951c
1eac5fbb7f04b03590fd9b18d6d4af72fedcc2bf60277dbfded3d5ae65c906e8
21595cfd5f1f7c23acc8d69d2530d43f783ec37aa6b00865a968d74bdd772d88
217a3bd4ea0e5ff7d80fc60002bd213fc41d416b562d70b5a93fcec2745fb2a1
226498f13c068bc17f822cbceeb9a8eab0a8b6b851265cb15049d2c911ea967e
26030ea37d9e08236adba542c74d508bb0b45a3830db2003616d1c31f1371367
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
272313e898ae80acc3982cdd3eeb44bccaf10b718cdbcfff866333c091187437
2815473cb317930b4e63191154c2bbbf5d3b3165b461207ac7548af646b8a19e
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
303800b6a6c067df67fa07119aa5cd95e183187e61756c5b410fdd0371fae27d
351e6a349eebf6f4990b1a896ecd7e119708c8f7992d79287a914cc3c6987a6b
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
37a31babfe828a9d98de47ba0d59947c5c4261755c5aa2684c3c4816f642ce0c
3824b32a56951681500ae1f81a755f4dff630ee3117fab288af32fe83b3dece0
383f7db9df9a4c04e1d75381df8425d4d42ca8a340536047d302a64fd5ca64c5
39063b28697e2d943a54a1639ecb4f9c237eef65830f4944a4eb6b79bda69a47
3c724210b1d423e31f77b25b6411a64e2f83b45190fe37b7e5a59126a9c87242
3c887f0515601c3f1efe961e70129a49873522e94a9051e345d21a50d01ca789
3dca31fae05b39652695af2c73807e58d09525d61b38fee199703d223933ff56
4073b04164cb9a10531daa3169ea0819ccb5045921c1dbb44e4dd427eaf27616
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
4421847b8ec4eb23f1eb9c56e5f3b30faa7894432144eed5107d3ab20a6eb375
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc
4f7a77f6f467ede2e489e81a7c866a3434c7a2433849018ce7bd2a8cfd073a2e
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
528409a194fa83ec0b1ec00f76d54b986238ed2fbd072b11e28223070ea795b0
54a66c4693bfd79901040269ae7d7304508cbd02859797a1780f2bbe72176e23
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
5aa16b69c64458398393a7b10d26bd6ed05b5775082b261a7d2ef8cd11800e26
5ab1b0acbaa31e89bdb4e7610fae25ad219a8354559a53662d4cd7b2cf9fd7e0
5d1f3a4ee5a02abdbc66a11aad769dd81cbe4d07f0b3799ff0940ad7b7d6cc1a
5d87a790df2f8526923b52b40390d1aeaf02b46171a6d9f785bf3383b98c87dd
60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474
65c7bc0fdae67d8d2203d55dabaa7d201cc21518fd2597a115ed7ec8801a886a
662efaf46c617ddbcb8ff4a2a8f64cffd3d93630f1003f8e66511f369b87730f
664f5f0b6fbfe5bbc3dffc1f91337f18f9ab62d3bd40ebcf7dc739ae6b5dbe9d
695be856611d9d209b70e4b7356594bd123af15d79843a3711289bf90e3525b1
6b4f1f72b78c93a6cdf32fbce758cc76e353e589296975f8491a265167cfdb0c
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e5b1e1b9b4274ca4dcd0892ab40dba4c94d7513e388b129412e1917942c4c96
6f2e2de73e61591963b33aba348a25716104ddfb10f4481162d868bd5161937f
7156d948cec0e396395a9d4fa5cb7e1e9a126dfdacc0cb304f1559c6f527e41c
71601234f74f6e47b6d08b4264e423ab49f7b59767a4abaab51eccd7416d45e8
71a0cdbc52030fca8c48452d84ecc917bf6c2d86d1948aaa78f5883964e5d65f
71c3f1487f9c95430f3d5ada83a454cec5966f5c875f069e12abd4d7854ca741
7358848cf7362bfde5fd980cb9626b411809ff024bb1e6703de1f112aaf615b5
74098b59023dde77ec8c75a48ad6509ef8404dffe131152181b90e3030c8d942
77a4e44a052acc4e6222de37110d11d1796ff28b4858a990e7f610f04c5faeb0
7bd61ee5124d4e968a2a1cffd941e86aec827920d12a17b7db8846c5942095b5
7c0c3c8a219677eaadfee1947adfe77e0f0d86579dedd4b652ab398f891c4196
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d
81ba613b3aa0b306f5960b1fffad3c4ac5a672139ec21cedade2bcaafbfc7362
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8579ca474b3a82f66a23f4a0653c62f82a02b349a2daecedb9e57d822e36524d
8a9426e0df38c451e484670521dd394920bfb707c25e70c4af7fdcbb6ed1f218
8d4fd39e9d3f24aabb6ec964e76ea9748130e09abf3aca50851f55287dac2744
8fd5123e028a49c31f4aa2b491ab44f9569906f2f88ed637bc2dd00a3904f431
901722ff9cf85c265833c36cd1124078eebcef1fab7bb287dd131d66ef396957
913a86344adc640cc94792bbea4000cac0288d920388a4b6a83b534a2b4da550
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
956222f0963e82c570c88ce9314d73686af701b83d4e0ddc7534f9cc2d004e49
95a439c4e11ace2484e8d42c30ff56cf7db5ea7c6463df9ce2fdafa7f6ccbf54
97ee8ed692637cd3481442c587855890c11fc853024be775a6a1beb4270bc461
9802e2ddc8288f29ee76fccf75f9f61b90f97dc51c06fce76a747ebf7c2483c0
9891f884ba5cc7246dfba48bffa6baa3c2f7d086c71c966bed7edaebdb4d1a8c
98ed35488f1a723c9d22378853e9ca715a7702e800a861b2a2aa29d253f71c17
9b039009cf1a681fa5d076d7f5944b177936b64d6ecf2e0c13625e8197bfa6cb
9b6a55c5d865e518cbf4451782c130c5e487f72d7194c68832f61c4914e8f818
9cbabd2665634e98958e83026d79f365ba93df9876c50f2f197388bc13a15d25
9d8a9aaecb7cd39329dcfad9a882ce0d174802ded027e150440484e097c73cb8
9e3e6f587b0661ef86c9494599687788366be90aad0b066dc689fc79825d018d
9e45cde573b366aa1bbc122f60c550dd2614b5cb0a88326cab46e68ef036aa66
9e7930f8e5c76efeaed63af39a7f5f482ef64075cda8217a0ff29facbdf5deea
a0c3f2e5825816bcac42e686f0c3aa76e1aa566f71a437d8768702d4a3a45875
a0dc0de8e5e96c7703251d73a1804e8558151983afa3a2af5a7dfb29001dbe99
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2949f9a9e08a2ff119bcc873dc672bb6c18714b7e9d5d6452bad2a1dfe0b4f6
a47715e7a74a758bf33f6b1547b2eb7b4724d17ad6c13651c0945ac9c6187ff7
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a63e91cdc8bfc63f3ab04812969c51afe4a0e0a5a57fde59b7aa0d4de0a5fbdc
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
abb5cb643d499c00a815f7c7a9f1bdd72d112545dfd3c1e8bf3047069b907521
af52eab40ed4c0dd37ebac54b48f8e82f13b86068f8dc670e8f34d9395ff3c8e
b4cd1bec59279fa984a355b00771a938a6610f43c43d0615d5400c4082a719fb
b4e67d66ac8892902ebec5af1c3f9f87060c756e10e247c521edbda55680f31b
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b68d848dcc3b43b9ab8620e2524694925b930ac53202ae386598c58361f495e7
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b9b401a5d10a1817be22708d87eebd91c68691c4845ea85d7131e0989cff57ad
bdb74443ddbaf04619a101b5b46662121be486859b7ce034db669847fd622c49
bfab61aaa5ed192e3737cf414d53a431d2110c1980d7ede99484111d4b8138c1
bff17a5baab7ede5f5753a39e36045ddaad9ad4a9072f4cf59c927c3c8b161e6
c87156f914b7b19017ebaf0679a2522f94207e6af259843a8e9bb15a514ef8ce
c8f5e335f6684c6cf0a8408360aed8f5854c64bd4b1a2d15abe4b34867836ab2
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cc8b84ad84585cf2ee61f8f2f7ce48b578872bd753e6c0495f79a16ac27bb0b8
ce67cd6665e835604c7a650ea355d41857dcd2284618b61d82d252dca0abfe5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa42a5ba462e4f6cf354f865601b1f5a1a45225262b4ec62e3e1b7b0c6ac291
d14276e70c9e30006917c3738ba7e71f715f53bf34f85348f15bd03d056286bc
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d73268c706a2ca22a13a545d39aba12557112cdc90fc14db69c4b28d487e552e
d77ea6309cb467064d2259c221b226e8a852a4465d91aad1b4104c84a1f3e1f1
d8fc1ef044fdde973136545250f6ed542b28b21418227244d0592d62ff84c7a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de8557a6f98165fcfded870d1e4d1c2dce814993aa4fda052afb9b9cddc5aed5
e0083ebd804f6189719f6f6ddb52f9c627e802d88f52164047b2f60d8f6234f5
e1a3194bd62d03308849352ddcd3bade31cc7564672097758ee755c9c8cb39c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e43a0788007c81c88e5f2e2d37edf449a9a0adff50ab76c8cb5b1c8ae76f5860
e4aadb2562ca721cfd827a843b4f98758939082377413f3b915114e1a4753922
e5174588266fb7aeb5cad9715d2e6f74abc853d0f5b313f2fe1734560e269d0a
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e93ab9edb3e0f65747d72c4d260adb9dc89549e06e447c93674b4142e5f29113
eb38b7be9192ae70b8caa74b5e98c64e5a8ffdda9bb35b638dccc46a33d3493b
ec044467c708fc97af9b50056366054f53175b0af20b00c38cd3eb03a7b5f390
ecf18e451c40429bffc83a1c654c2a202247ef96437cb864a148f50849b4acba
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efd6c3fe040e0780295b2bb958b6cb638b10d68ea13bb0a5d3a4da7efce788a6
f06b9e2f99c3e18904a11caa78a63efb7cf2ebc280a3d9e92d95cc9a7e4a7fe7
f24f74f3a3b8e4a926d156cb5186b0b2c113682f62914aaf512ef136bccbd718
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f3b43c677c700f1dc7a0d7a5c241662cc702886857ec68b8a6b7e888b5055054
f7353befad1c1a787eb99dbd50d91ba96b0bfa0b59eebce63104e2f4cfddcc4d
fb7e54b920ffa79faa5441b656777efb1811b72c1236f71a56fb6058107fc2aa
fb9ba05bd5f57897d11992bc4ea144f4c760dc5ad4720ad64450d5e68eccd057
fbc00fbdbc571b840ecea374e1e4156f1ef0b53bd6bc5916fd94809a1f7ce318
fcdb431bf000b9a2fe0fda9b63eb08e7d9ff54081ed257fd7d406328d50313ba
fdb0368cac8214ffc79b22e95e33e398a023a67c689030431b60d91f02815e0c

www.kolotv.com Open in urlscan Pro 2a02:26f0:6c00::210:ba91 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

199 Requests

100 %HTTPS

63 %IPv6

25 Domains

48 Subdomains

41 IPs

3 Countries

3790 kBTransfer

8856 kBSize

6 Cookies

36 Outgoing links

Redirected requests

199 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.kolotv.com Open in urlscan Pro
2a02:26f0:6c00::210:ba91 Public Scan

Screenshot
Live screenshot

Full Image

199
Requests

100 %
HTTPS

63 %
IPv6

25
Domains

48
Subdomains

41
IPs

3
Countries

3790 kB
Transfer

8856 kB
Size

6
Cookies

199 HTTP transactions
6 data transactions