www.denverpost.com
192.0.66.2 Public Scan Open in urlscan Pro

Go To Rescan
Add Verdict Report

Submitted URL:
https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8J... 7yr old
Effective URL:
https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okm... 10yr old
Submission: On January 25 via api (January 25th 2021, 12:03:58 pm UTC) from DE

Summary HTTP 288 Redirects Links 49 Behaviour Indicators

Summary

This website contacted 97 IPs in 11 countries across 68 domains to perform 288 HTTP transactions. The main IP is 192.0.66.2, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is www.denverpost.com. 10yr old
TLS certificate: Issued by Let's Encrypt Authority X3 on November 29th 2020. Valid for: 3mo.

This is the only time www.denverpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.2 199.60.103.2	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
24	192.0.66.2 192.0.66.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2a00:1450:400... 2a00:1450:4001:81a::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	13.224.102.102 13.224.102.102	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:206... 2600:9000:206f:3c00:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1	13.82.152.48 13.82.152.48	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.102.52 13.224.102.52	16509 (AMAZON-02) (AMAZON-02)
2 5	23.210.249.164 23.210.249.164	16625 (AKAMAI-AS) (AKAMAI-AS)
1	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
1	72.247.178.49 72.247.178.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE)
2	2600:9000:219... 2600:9000:2190:5000:c:2267:880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
16	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
1	2a04:4e42:400... 2a04:4e42:400::621	54113 (FASTLY) (FASTLY)
12	34.225.175.99 34.225.175.99	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
3	13.224.103.105 13.224.103.105	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
24	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
5	2600:1fa0:c02... 2600:1fa0:c020:281:34db:74f9::	16509 (AMAZON-02) (AMAZON-02)
4	72.247.178.11 72.247.178.11	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.80.13.234 54.80.13.234	14618 (AMAZON-AES) (AMAZON-AES)
4	72.247.178.42 72.247.178.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	13.224.102.86 13.224.102.86	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00:291::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
4	3.17.209.243 3.17.209.243	16509 (AMAZON-02) (AMAZON-02)
1	151.101.114.217 151.101.114.217	54113 (FASTLY) (FASTLY)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	35.244.220.155 35.244.220.155	15169 (GOOGLE) (GOOGLE)
1 2	104.108.64.33 104.108.64.33	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.251.61.210 34.251.61.210	16509 (AMAZON-02) (AMAZON-02)
1	13.224.89.166 13.224.89.166	16509 (AMAZON-02) (AMAZON-02)
1	13.224.96.8 13.224.96.8	16509 (AMAZON-02) (AMAZON-02)
3	72.247.178.33 72.247.178.33	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba20	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	13.224.102.21 13.224.102.21	16509 (AMAZON-02) (AMAZON-02)
1	52.207.51.121 52.207.51.121	14618 (AMAZON-AES) (AMAZON-AES)
1	54.160.201.253 54.160.201.253	14618 (AMAZON-AES) (AMAZON-AES)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	23.37.42.132 23.37.42.132	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.108.50.124 104.108.50.124	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
5	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center _ColoCALL_)
2 2	185.33.220.241 185.33.220.241	29990 (ASN-APPNEX) (ASN-APPNEX)
2 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	52.28.239.147 52.28.239.147	16509 (AMAZON-02) (AMAZON-02)
1	34.120.207.148 34.120.207.148	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:819::2013	15169 (GOOGLE) (GOOGLE)
1	13.225.84.48 13.225.84.48	16509 (AMAZON-02) (AMAZON-02)
8	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
1	2a02:26f0:6c0... 2a02:26f0:6c00:19a::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	54.198.41.31 54.198.41.31	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	104.108.58.15 104.108.58.15	16625 (AKAMAI-AS) (AKAMAI-AS)
1	172.217.21.230 172.217.21.230	15169 (GOOGLE) (GOOGLE)
4	3.88.253.15 3.88.253.15	14618 (AMAZON-AES) (AMAZON-AES)
2	52.1.162.64 52.1.162.64	14618 (AMAZON-AES) (AMAZON-AES)
10	23.227.137.155 23.227.137.155	55081 (24SHELLS) (24SHELLS)
2	2600:9000:219... 2600:9000:2190:ec00:4:b37b:9440:93a1	16509 (AMAZON-02) (AMAZON-02)
2	172.217.18.162 172.217.18.162	15169 (GOOGLE) (GOOGLE)
4	13.85.16.224 13.85.16.224	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.224.89.182 13.224.89.182	16509 (AMAZON-02) (AMAZON-02)
1	52.217.98.4 52.217.98.4	16509 (AMAZON-02) (AMAZON-02)
2 2	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
2	213.174.135.1 213.174.135.1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
4	69.173.144.141 69.173.144.141	26667 (RUBICONPR...) (RUBICONPROJECT)
2	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
2	2a0c:5c81:502... 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696	55081 (24SHELLS) (24SHELLS)
4	2606:2800:233... 2606:2800:233:97b6:26be:138a:cba8:bb01	15133 (EDGECAST) (EDGECAST)
2	185.184.10.30 185.184.10.30	203690 (RTB-HOUSE...) (RTB-HOUSE-ASH)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a0c:5c81:505... 2a0c:5c81:5052::2	55081 (24SHELLS) (24SHELLS)
1	34.120.253.250 34.120.253.250	15169 (GOOGLE) (GOOGLE)
1	34.98.72.95 34.98.72.95	15169 (GOOGLE) (GOOGLE)
1	35.201.86.85 35.201.86.85	15169 (GOOGLE) (GOOGLE)
1	130.211.19.253 130.211.19.253	15169 (GOOGLE) (GOOGLE)
1	35.227.224.17 35.227.224.17	15169 (GOOGLE) (GOOGLE)
1	52.203.214.114 52.203.214.114	14618 (AMAZON-AES) (AMAZON-AES)
3	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	54.192.232.170 54.192.232.170	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:815::2001	15169 (GOOGLE) (GOOGLE)
1	130.211.47.17 130.211.47.17	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:821::2002	15169 (GOOGLE) (GOOGLE)
1	104.26.4.15 104.26.4.15	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.0.218.6 52.0.218.6	14618 (AMAZON-AES) (AMAZON-AES)
1	34.107.221.36 34.107.221.36	15169 (GOOGLE) (GOOGLE)
1	34.95.65.255 34.95.65.255	15169 (GOOGLE) (GOOGLE)
2	151.101.113.53 151.101.113.53	54113 (FASTLY) (FASTLY)
1	63.147.65.174 63.147.65.174	209 (CENTURYLI...) (CENTURYLINK-US-LEGACY-QWEST)
2	65.9.67.38 65.9.67.38	16509 (AMAZON-02) (AMAZON-02)
2	51.107.59.180 51.107.59.180	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
288	97

2 199.60.103.2 (Canada) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

info.silobreaker.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

24 192.0.66.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

www.denverpost.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:81a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.102.102 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-102.zrh50.r.cloudfront.net

cdn.blueconic.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2600:9000:206f:3c00:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.82.152.48 (Washington, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prodmg2.blob.core.windows.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.102.52 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-52.zrh50.r.cloudfront.net

cdn.p-n.io 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 23.210.249.164 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-164.deploy.static.akamaitechnologies.com

js-sec.indexww.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
ssum.casalemedia.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 192.0.77.2 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 72.247.178.49 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

launcher.spot.im 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2600:9000:2190:5000:c:2267:880:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.go-fet.ch 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pixel.wp.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

16 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
loader-cdn.azureedge.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
fp-cdn.azureedge.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
g2insights-cdn.azureedge.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
cdn.ayc0zsm69431gfebd.xyz 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
cdn.mg2connext.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:400::621 (Ascension Island)

ASN54113 (FASTLY, US)

polyfill.io 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

12 34.225.175.99 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

medianewsgroup.blueconic.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 13.224.103.105 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-105.zrh50.r.cloudfront.net

c.amazon-adsystem.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
www.gstatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

24 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

securepubads.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
www.googletagservices.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2600:1fa0:c020:281:34db:74f9:: (San Jose, United States)

ASN16509 (AMAZON-02, US)

emojipedia-us.s3.dualstack.us-west-1.amazonaws.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 72.247.178.11 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a72-247-178-11.deploy.static.akamaitechnologies.com

api-2-0.spot.im 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.80.13.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

direct-events-collector.spot.im 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 72.247.178.42 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

publisher-assets.spot.im 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
recirculation.spot.im 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.102.86 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-86.zrh50.r.cloudfront.net

d31qbv1cthcecs.cloudfront.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:26f0:6c00:291::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

s.go-mpulse.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 107.178.250.234 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 3.17.209.243 (Columbus, United States)

ASN16509 (AMAZON-02, US)

nexus.ensighten.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 151.101.114.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

scripts.webcontentassessor.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.244.220.155 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 155.220.244.35.bc.googleusercontent.com

ats.rlcdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.108.64.33 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-64-33.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 34.251.61.210 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

insight.adsrvr.org 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.89.166 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-166.zrh50.r.cloudfront.net

d1z2jf7jlzjs58.cloudfront.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.96.8 (Seattle, United States)

ASN16509 (AMAZON-02, US)

cdn.listrakbi.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 72.247.178.33 (Netherlands)

ASN20940 (AKAMAI-ASN1, NL)

events-collector.spot.im 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
pix.spot.im 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a00:1450:4001:819::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

11 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a02:26f0:6c00::210:ba20 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

static-cdn.spot.im 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.102.21 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-102-21.zrh50.r.cloudfront.net

certify.alexametrics.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.207.51.121 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

s1.listrakbi.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.160.201.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

onescript-recscont.listrakbi.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 23.37.42.132 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 104.108.50.124 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-50-124.deploy.static.akamaitechnologies.com

eus.rubiconproject.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 66.155.71.150 (Southampton, United Kingdom) 2 redirects

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA)

sync.spotim.market 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
sync.ads.152media.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.33.220.241 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 732.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 185.94.180.126 (Netherlands) 2 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.28.239.147 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-239-147.eu-central-1.compute.amazonaws.com

pixel.advertising.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.207.148 (United States)

ASN15169 (GOOGLE, US)
PTR: 148.207.120.34.bc.googleusercontent.com

di.rlcdn.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:819::2013 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

geo.rlcdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.225.84.48 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d2lv4zbk7v5f93.cloudfront.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

8 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.spotim.market 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
p.delivercdn.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools
p.kfmlax.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a02:26f0:6c00:19a::11a6 (Ascension Island)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 54.198.41.31 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-41-31.compute-1.amazonaws.com

www.i.matheranalytics.com 12yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com 11yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.108.58.15 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-58-15.deploy.static.akamaitechnologies.com

cdn3.optimizely.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 172.217.21.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s13-in-f6.1e100.net

ad.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 3.88.253.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

at1.listrakbi.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 52.1.162.64 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-162-64.compute-1.amazonaws.com

track1.aniview.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

10 23.227.137.155 (Piscataway, United States)

ASN55081 (24SHELLS, US)

hb.spotim.market 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2600:9000:2190:ec00:4:b37b:9440:93a1 (United States)

ASN16509 (AMAZON-02, US)

rumcdn.geoedge.be 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 172.217.18.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f2.1e100.net

securepubads.g.doubleclick.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

prod-dfm-proxy-connext.azurewebsites.net 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 13.224.89.182 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-89-182.zrh50.r.cloudfront.net

d1wa9546y9kg0n.cloudfront.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.217.98.4 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

paywall-ad-bucket.s3.amazonaws.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.33.221.52 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 213.174.135.1 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 69.173.144.141 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.255.84.151 (France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.ads.152media.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

4 2606:2800:233:97b6:26be:138a:cba8:bb01 (United States)

ASN15133 (EDGECAST, US)

adserver-us.adtech.advertising.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net

prebid-us.creativecdn.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a0c:5c81:5052::2 (United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.120.253.250 (United States)

ASN15169 (GOOGLE, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.98.72.95 (United States)

ASN15169 (GOOGLE, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.201.86.85 (Ascension Island)

ASN15169 (GOOGLE, US)
PTR: 85.86.201.35.bc.googleusercontent.com

data.cdnbasket.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 130.211.19.253 (Mountain View, United States)

ASN15169 (GOOGLE, US)

page.cdnbasket.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 35.227.224.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 17.224.227.35.bc.googleusercontent.com

view.cdnbasket.net 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.203.214.114 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

cs.choozle.com 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 54.192.232.170 (Seattle, United States)

ASN16509 (AMAZON-02, US)

d1eoo1tco6rr5e.cloudfront.net 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:4001:815::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com 5yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 130.211.47.17 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: 17.47.211.130.bc.googleusercontent.com

ids.cdnwidget.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 2a00:1450:4001:821::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.26.4.15 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 52.0.218.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

metrics-logger.spot.im 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.107.221.36 (United States)

ASN15169 (GOOGLE, US)
PTR: 36.221.107.34.bc.googleusercontent.com

e.cdnwidget.com 8yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 34.95.65.255 (United States)

ASN15169 (GOOGLE, US)

events.bouncex.net 9yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 151.101.113.53 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

extras.denverpost.com 10yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 63.147.65.174 (Waldorf, United States)

ASN209 (CENTURYLINK-US-LEGACY-QWEST, US)

uploads.denverpost.com 7yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 65.9.67.38 (Seattle, United States)

ASN16509 (AMAZON-02, US)

tattle.api.osano.com 6yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 51.107.59.180 (Zurich, Switzerland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dc.services.visualstudio.com 13yr old	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
38	googlesyndication.com pagead2.googlesyndication.com 10yr old 76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com 5yr old tpc.googlesyndication.com 13yr old ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com 5yr old cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com 5yr old	306 KB
27	denverpost.com www.denverpost.com 10yr old extras.denverpost.com 10yr old uploads.denverpost.com 7yr old	391 KB
19	spotim.market sync.spotim.market 8yr old player.spotim.market 7yr old hb.spotim.market 8yr old	271 KB
17	spot.im launcher.spot.im 9yr old api-2-0.spot.im 7yr old direct-events-collector.spot.im 7yr old publisher-assets.spot.im 8yr old recirculation.spot.im 9yr old events-collector.spot.im 7yr old static-cdn.spot.im 7yr old pix.spot.im 8yr old metrics-logger.spot.im 7yr old	118 KB
13	blueconic.net cdn.blueconic.net 10yr old medianewsgroup.blueconic.net 6yr old	252 KB
10	ayc0zsm69431gfebd.xyz cdn.ayc0zsm69431gfebd.xyz 8yr old	200 KB
8	rubiconproject.com 2 redirects secure-assets.rubiconproject.com 10yr old eus.rubiconproject.com 8yr old fastlane.rubiconproject.com 10yr old	3 KB
8	googletagservices.com www.googletagservices.com 10yr old	236 KB
7	listrakbi.com cdn.listrakbi.com 9yr old s1.listrakbi.com 9yr old onescript-recscont.listrakbi.com 8yr old at1.listrakbi.com 9yr old	27 KB
7	matheranalytics.com 1 redirects js.matheranalytics.com 12yr old www.i.matheranalytics.com 12yr old	42 KB
6	advertising.com 1 redirects pixel.advertising.com 12yr old adserver-us.adtech.advertising.com 10yr old	961 B
6	amazonaws.com emojipedia-us.s3.dualstack.us-west-1.amazonaws.com 8yr old paywall-ad-bucket.s3.amazonaws.com 7yr old	85 KB
6	doubleclick.net securepubads.g.doubleclick.net 10yr old ad.doubleclick.net 10yr old	328 KB
5	cloudfront.net d31qbv1cthcecs.cloudfront.net 10yr old d1z2jf7jlzjs58.cloudfront.net 10yr old d2lv4zbk7v5f93.cloudfront.net 10yr old d1wa9546y9kg0n.cloudfront.net 8yr old d1eoo1tco6rr5e.cloudfront.net 10yr old	55 KB
5	gstatic.com fonts.gstatic.com 10yr old www.gstatic.com 10yr old	178 KB
5	osano.com cmp.osano.com 7yr old tattle.api.osano.com 6yr old	96 KB
4	adtelligent.com player.adtelligent.com 8yr old ghb.adtelligent.com 7yr old	4 KB
4	152media.com sync.ads.152media.com 7yr old ghb.ads.152media.com 7yr old	2 KB
4	azurewebsites.net prod-dfm-proxy-connext.azurewebsites.net 6yr old	152 KB
4	spotxchange.com 2 redirects sync.search.spotxchange.com 13yr old	2 KB
4	adnxs.com 4 redirects ib.adnxs.com 10yr old	4 KB
4	casalemedia.com 2 redirects ssum.casalemedia.com 10yr old htlb.casalemedia.com Failed 7yr old	1 KB
4	pubmatic.com ads.pubmatic.com 10yr old hbopenbid.pubmatic.com 8yr old	180 B
4	ensighten.com nexus.ensighten.com 13yr old	11 KB
3	criteo.net static.criteo.net 13yr old	77 KB
3	cdnbasket.net data.cdnbasket.net 8yr old page.cdnbasket.net 8yr old view.cdnbasket.net 8yr old	1 KB
3	rlcdn.com ats.rlcdn.com 6yr old di.rlcdn.com 10yr old geo.rlcdn.com 6yr old	60 KB
3	google-analytics.com www.google-analytics.com 13yr old	38 KB
3	azureedge.net loader-cdn.azureedge.net 8yr old fp-cdn.azureedge.net 8yr old g2insights-cdn.azureedge.net 8yr old	239 KB
3	googletagmanager.com www.googletagmanager.com 13yr old	160 KB
3	amazon-adsystem.com c.amazon-adsystem.com 12yr old	34 KB
3	google.com www.google.com 13yr old	648 B
3	wp.com i2.wp.com 10yr old stats.wp.com 10yr old pixel.wp.com 10yr old	21 KB
2	visualstudio.com dc.services.visualstudio.com 13yr old	789 B
2	cdnwidget.com ids.cdnwidget.com 8yr old e.cdnwidget.com 8yr old	238 B
2	creativecdn.com prebid-us.creativecdn.com 8yr old	360 B
2	omnitagjs.com hb-api.omnitagjs.com 9yr old	1 KB
2	geoedge.be rumcdn.geoedge.be 8yr old	103 KB
2	aniview.com track1.aniview.com 9yr old	141 B
2	facebook.com www.facebook.com 11yr old	518 B
2	sitescout.com 2 redirects pixel-sync.sitescout.com 8yr old	528 B
2	adsrvr.org 1 redirects insight.adsrvr.org 10yr old	408 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com 10yr old	1 KB
2	facebook.net connect.facebook.net 13yr old	91 KB
2	go-mpulse.net s.go-mpulse.net 9yr old c.go-mpulse.net 10yr old	51 KB
2	msecnd.net az416426.vo.msecnd.net 10yr old	45 KB
2	go-fet.ch c.go-fet.ch 8yr old	37 KB
2	googleapis.com fonts.googleapis.com 10yr old ajax.googleapis.com 10yr old	34 KB
2	silobreaker.com 1 redirects info.silobreaker.com 7yr old	3 KB
1	mg2connext.com cdn.mg2connext.com 9yr old	2 KB
1	bouncex.net events.bouncex.net 9yr old	230 B
1	db-ip.com api-mg2.db-ip.com 8yr old	906 B
1	choozle.com cs.choozle.com 9yr old	123 B
1	bounceexchange.com assets.bounceexchange.com 10yr old	137 KB
1	wknd.ai tag.wknd.ai 6yr old	12 KB
1	kfmlax.com p.kfmlax.com 6yr old
1	delivercdn.com p.delivercdn.com 6yr old
1	optimizely.com cdn3.optimizely.com 10yr old	697 B
1	alexametrics.com certify.alexametrics.com 9yr old	552 B
1	webcontentassessor.com scripts.webcontentassessor.com 8yr old	37 KB
1	polyfill.io polyfill.io 13yr old	550 B
1	indexww.com js-sec.indexww.com 11yr old	39 KB
1	p-n.io cdn.p-n.io 8yr old	68 KB
1	windows.net prodmg2.blob.core.windows.net 9yr old	143 KB
0	openx.net Failed spot-im-d.openx.net Failed 8yr old
0	lockerdome.com Failed lockerdome.com Failed 13yr old
0	criteo.com Failed bidder.criteo.com Failed 9yr old
0	lijit.com Failed ap.lijit.com Failed 10yr old
288	68

	Domain	Requested by
24	pagead2.googlesyndication.com	securepubads.g.doubleclick.net info.silobreaker.com scripts.webcontentassessor.com www.googletagservices.com www.denverpost.com
24	www.denverpost.com	info.silobreaker.com www.denverpost.com cmp.osano.com
12	medianewsgroup.blueconic.net	cdn.blueconic.net cmp.osano.com
11	tpc.googlesyndication.com	cmp.osano.com securepubads.g.doubleclick.net scripts.webcontentassessor.com tpc.googlesyndication.com
10	hb.spotim.market	player.spotim.market
10	cdn.ayc0zsm69431gfebd.xyz	ajax.googleapis.com cmp.osano.com
8	www.googletagservices.com	cmp.osano.com securepubads.g.doubleclick.net scripts.webcontentassessor.com
6	player.spotim.market	info.silobreaker.com player.spotim.market
5	www.i.matheranalytics.com	www.denverpost.com
5	emojipedia-us.s3.dualstack.us-west-1.amazonaws.com	www.denverpost.com
5	securepubads.g.doubleclick.net	cmp.osano.com info.silobreaker.com securepubads.g.doubleclick.net
4	adserver-us.adtech.advertising.com	player.spotim.market
4	fastlane.rubiconproject.com	player.spotim.market
4	prod-dfm-proxy-connext.azurewebsites.net	info.silobreaker.com
4	at1.listrakbi.com	cmp.osano.com
4	sync.search.spotxchange.com	2 redirects www.denverpost.com
4	ib.adnxs.com	4 redirects player.spotim.market
4	ssum.casalemedia.com	2 redirects cmp.osano.com
4	nexus.ensighten.com	cmp.osano.com
4	api-2-0.spot.im	launcher.spot.im
4	fonts.gstatic.com	fonts.googleapis.com
3	static.criteo.net	player.spotim.market static.criteo.net
3	sync.spotim.market	cmp.osano.com www.denverpost.com
3	static-cdn.spot.im	www.denverpost.com cmp.osano.com
3	www.google-analytics.com	cmp.osano.com
3	publisher-assets.spot.im	launcher.spot.im www.denverpost.com
3	www.googletagmanager.com	cmp.osano.com
3	c.amazon-adsystem.com	cmp.osano.com c.amazon-adsystem.com
3	www.google.com	www.denverpost.com cmp.osano.com
3	cmp.osano.com	www.denverpost.com cmp.osano.com
2	dc.services.visualstudio.com	az416426.vo.msecnd.net
2	tattle.api.osano.com	az416426.vo.msecnd.net
2	extras.denverpost.com	www.denverpost.com
2	pix.spot.im	launcher.spot.im
2	ghb.adtelligent.com	player.spotim.market
2	hbopenbid.pubmatic.com	player.spotim.market
2	prebid-us.creativecdn.com	player.spotim.market
2	ghb.ads.152media.com	player.spotim.market
2	hb-api.omnitagjs.com	player.spotim.market
2	player.adtelligent.com	player.spotim.market
2	sync.ads.152media.com	www.denverpost.com
2	rumcdn.geoedge.be	player.spotim.market
2	track1.aniview.com	www.denverpost.com
2	www.facebook.com	www.denverpost.com connect.facebook.net
2	pixel.advertising.com	1 redirects www.denverpost.com
2	pixel-sync.sitescout.com	2 redirects
2	eus.rubiconproject.com	cmp.osano.com
2	secure-assets.rubiconproject.com	2 redirects
2	ads.pubmatic.com	cmp.osano.com
2	insight.adsrvr.org	1 redirects www.denverpost.com
2	sb.scorecardresearch.com	1 redirects www.denverpost.com
2	connect.facebook.net	cmp.osano.com
2	js.matheranalytics.com	1 redirects www.denverpost.com
2	az416426.vo.msecnd.net	www.denverpost.com cmp.osano.com
2	c.go-fet.ch	www.denverpost.com c.go-fet.ch
2	info.silobreaker.com	1 redirects
1	uploads.denverpost.com	az416426.vo.msecnd.net
1	cdn.mg2connext.com	cdn.ayc0zsm69431gfebd.xyz
1	events.bouncex.net	www.denverpost.com
1	e.cdnwidget.com	www.denverpost.com
1	metrics-logger.spot.im	launcher.spot.im
1	api-mg2.db-ip.com	info.silobreaker.com
1	ids.cdnwidget.com	az416426.vo.msecnd.net
1	cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	cs.choozle.com	www.denverpost.com
1	view.cdnbasket.net	az416426.vo.msecnd.net
1	page.cdnbasket.net	az416426.vo.msecnd.net
1	data.cdnbasket.net	az416426.vo.msecnd.net
1	assets.bounceexchange.com	cmp.osano.com
1	tag.wknd.ai	cmp.osano.com
1	paywall-ad-bucket.s3.amazonaws.com	www.denverpost.com
1	d1wa9546y9kg0n.cloudfront.net	cmp.osano.com
1	p.kfmlax.com	player.spotim.market
1	p.delivercdn.com	player.spotim.market
1	ad.doubleclick.net	www.denverpost.com
1	cdn3.optimizely.com	d2lv4zbk7v5f93.cloudfront.net
1	c.go-mpulse.net	s.go-mpulse.net
1	d2lv4zbk7v5f93.cloudfront.net	cmp.osano.com
1	geo.rlcdn.com	ats.rlcdn.com
1	di.rlcdn.com	www.denverpost.com
1	onescript-recscont.listrakbi.com	cmp.osano.com
1	s1.listrakbi.com	cmp.osano.com
1	certify.alexametrics.com	www.denverpost.com
1	76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com	cmp.osano.com
1	events-collector.spot.im	launcher.spot.im
1	pixel.wp.com	www.denverpost.com
1	www.gstatic.com	cmp.osano.com
1	recirculation.spot.im	cmp.osano.com
1	cdn.listrakbi.com	cmp.osano.com
1	d1z2jf7jlzjs58.cloudfront.net	cmp.osano.com
1	ats.rlcdn.com	cmp.osano.com
1	scripts.webcontentassessor.com	cmp.osano.com
1	s.go-mpulse.net	cmp.osano.com
1	d31qbv1cthcecs.cloudfront.net	cmp.osano.com
1	direct-events-collector.spot.im	launcher.spot.im
1	g2insights-cdn.azureedge.net	ajax.googleapis.com
1	fp-cdn.azureedge.net	ajax.googleapis.com
1	loader-cdn.azureedge.net	ajax.googleapis.com
1	polyfill.io	ajax.googleapis.com
1	stats.wp.com	www.denverpost.com
1	launcher.spot.im	www.denverpost.com
1	i2.wp.com	www.denverpost.com
1	js-sec.indexww.com	www.denverpost.com
1	cdn.p-n.io	www.denverpost.com
1	prodmg2.blob.core.windows.net	www.denverpost.com
1	cdn.blueconic.net	www.denverpost.com
1	ajax.googleapis.com	www.denverpost.com
1	fonts.googleapis.com	www.denverpost.com
0	spot-im-d.openx.net Failed	player.spotim.market
0	lockerdome.com Failed	player.spotim.market
0	bidder.criteo.com Failed	player.spotim.market
0	htlb.casalemedia.com Failed	player.spotim.market
0	ap.lijit.com Failed	player.spotim.market
288	115

This site contains links to these domains. Also see Links.

Domain
www.medianewsgroup.com
thecannabist.co
www.youtube.com
yourhub.denverpost.com
games.denverpost.com
calendar.denverpost.com
theknow.denverpost.com
marketplace.denverpost.com
www.gomnlt.com
checkout.denverpost.com
myaccount.denverpost.com
mng-prod.auth0.com
denverpost-co.newsmemory.com
www.stumbleupon.com
www.latimes.com
stopfraudcolorado.gov
www.oig.dol.gov
cdle.colorado.gov
dynamic-cdn.spot.im
thetrustproject.org
facebook.com
twitter.com
instagram.com
dpo.st
www.denverpoststore.com
www.dphomes.today
businessdirectory.denverpost.com
www.denverpostmemberservices.com
www.denverpostmedia.com
www.digitalfirstmedia.com
promote.denverpost.com
extras.denverpost.com
vip.wordpress.com

Subject Issuer	Validity	Valid
info.silobreaker.com Cloudflare Inc ECC CA-3	`2020-06-30` - `2021-06-30`	1yr	crt.sh
denverpost.com Let's Encrypt Authority X3	`2020-11-29` - `2021-02-27`	3mo	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
*.blueconic.net Thawte TLS RSA CA G1	`2019-12-04` - `2022-02-01`	2yr	crt.sh
cmp.osano.com Amazon	`2020-08-26` - `2021-09-25`	1yr	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 02	`2020-11-17` - `2021-11-17`	1yr	crt.sh
*.p-n.io Amazon	`2020-04-04` - `2021-05-04`	1yr	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	1yr	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2yr	crt.sh
*.spot.im DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-26` - `2021-11-30`	1yr	crt.sh
*.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
*.go-fet.ch Amazon	`2020-12-08` - `2022-01-06`	1yr	crt.sh
sni1e6ffgl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2yr	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6mo	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	1yr	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
sni22a5dgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2020-11-03` - `2021-11-07`	1yr	crt.sh
*.s3-us-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-07-30` - `2021-08-04`	1yr	crt.sh
sni1ad09gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2yr	crt.sh
sni1ad03gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2019-11-22` - `2021-12-01`	2yr	crt.sh
sni9642gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-30` - `2021-04-20`	1yr	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2020-05-26` - `2021-04-21`	1yr	crt.sh
akstat.io DigiCert Secure Site ECC CA-1	`2020-05-06` - `2021-08-05`	1yr	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2019-04-04` - `2021-04-03`	2yr	crt.sh
nexus.ensighten.com DigiCert SHA2 Secure Server CA	`2020-09-09` - `2021-10-11`	1yr	crt.sh
k3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-15` - `2021-04-20`	3mo	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3mo	crt.sh
ats.rlcdn.com GTS CA 1D2	`2021-01-12` - `2021-04-12`	3mo	crt.sh
sb.scorecardresearch.com DigiCert Secure Site ECC CA-1	`2020-07-17` - `2021-06-02`	1yr	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2yr	crt.sh
*.listrakbi.com Amazon	`2020-02-10` - `2021-03-10`	1yr	crt.sh
spot.im Let's Encrypt Authority X3	`2020-11-25` - `2021-02-23`	3mo	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
certify.alexametrics.com Amazon	`2020-07-12` - `2021-08-12`	1yr	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2020-02-26` - `2021-05-27`	1yr	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-05` - `2022-01-18`	1yr	crt.sh
sync.spotim.market R3	`2020-12-07` - `2021-03-07`	3mo	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2yr	crt.sh
pixel.advertising.com DigiCert SHA2 High Assurance Server CA	`2020-10-04` - `2021-03-31`	6mo	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-14` - `2021-04-23`	1yr	crt.sh
geo.rlcdn.com GTS CA 1D2	`2020-12-28` - `2021-03-28`	3mo	crt.sh
www.google.com GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
player.spotim.market R3	`2021-01-02` - `2021-04-02`	3mo	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2yr	crt.sh
*.optimizely.com DigiCert SHA2 Secure Server CA	`2020-01-20` - `2021-03-20`	1yr	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-05` - `2021-03-30`	3mo	crt.sh
*.aniview.com Amazon	`2020-03-04` - `2021-04-04`	1yr	crt.sh
hb.spotim.market R3	`2020-12-12` - `2021-03-12`	3mo	crt.sh
rumcdn.geoedge.be Amazon	`2020-10-02` - `2021-11-03`	1yr	crt.sh
p.delivercdn.com Let's Encrypt Authority X3	`2020-11-28` - `2021-02-26`	3mo	crt.sh
p.kfmlax.com R3	`2020-12-16` - `2021-03-16`	3mo	crt.sh
*.azurewebsites.net Microsoft RSA TLS CA 01	`2020-09-28` - `2021-09-28`	1yr	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2019-11-09` - `2021-03-12`	1yr	crt.sh
sync.ads.152media.com Let's Encrypt Authority X3	`2020-11-29` - `2021-02-27`	3mo	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	1yr	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	1yr	crt.sh
ghb.ads.152media.com R3	`2020-12-27` - `2021-03-27`	3mo	crt.sh
*.adtech.advertising.com DigiCert SHA2 Secure Server CA	`2020-04-16` - `2022-04-21`	2yr	crt.sh
*.creativecdn.com RapidSSL RSA CA 2018	`2019-01-11` - `2021-04-11`	2yr	crt.sh
ghb.adtelligent.com R3	`2021-01-06` - `2021-04-06`	3mo	crt.sh
tag.wknd.ai R3	`2020-12-29` - `2021-03-29`	3mo	crt.sh
assets.bounceexchange.com GTS CA 1D2	`2020-12-24` - `2021-03-24`	3mo	crt.sh
*.cdnbasket.net Go Daddy Secure Certificate Authority - G2	`2020-07-29` - `2021-09-27`	1yr	crt.sh
*.choozle.com Sectigo RSA Domain Validation Secure Server CA	`2019-06-07` - `2021-06-06`	2yr	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2020-11-17` - `2021-02-14`	3mo	crt.sh
ids.cdnwidget.com GTS CA 1D2	`2020-12-06` - `2021-03-06`	3mo	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-18` - `2021-07-18`	1yr	crt.sh
e.cdnwidget.com GTS CA 1D2	`2020-12-18` - `2021-03-18`	3mo	crt.sh
events.bouncex.net GTS CA 1D2	`2020-12-13` - `2021-03-13`	3mo	crt.sh
sni1575gl.wpc.edgecastcdn.net DigiCert SHA2 Secure Server CA	`2020-05-30` - `2021-04-16`	1yr	crt.sh
dfm2.map.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-14` - `2021-04-20`	3mo	crt.sh
uploads.denverpost.com R3	`2021-01-12` - `2021-04-12`	3mo	crt.sh
*.api.osano.com Amazon	`2020-09-09` - `2021-10-10`	1yr	crt.sh
in.applicationinsights.azure.com Microsoft Azure TLS Issuing CA 05	`2021-01-21` - `2022-01-16`	1yr	crt.sh

This page contains 24 frames:

Primary Page: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Frame ID: CA65D011B8E6879BA234B67F053BA756
Requests: 174 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: FDB5FC86313170C8917AEC93A6DB47BE
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: FCA48A5A9BBAFF122085F012678B456F
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Frame ID: FF95862B9B532320B4776643EB278C10
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: A948AEDFEE26FCA55D50387993884F69
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Frame ID: 01FE0BE17FF231BC8EDEE8CD5A0A7961
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: 7EE4F0F91D47BBF472F0D49427D1CC0B
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Frame ID: 75B6CDA1E51F960EA05DA5187F960FAD
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Frame ID: 3E36819515949ECA9E1EFC2C8178F360
Requests: 1 HTTP requests in this frame

Frame: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Frame ID: 5C2BE000E0416BF369278F45921D5CED
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cuZGVudmVycG9zdC5jb206NDQz&hl=en&type=image&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=su2nudakm7a
Frame ID: 13D0BFF2BCEB3FED9F1A046994D15449
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss_7iob0l7JQepert1vQPC1ffytgYvdnFBI9HjKHrRm3K9btGACjkZnIzZtQe54Jx4xoxPdZZNcKJ_fmNraN8u8pD9lktAyT0iNuenxsmqRKaDjdCTO-8kOb4Nzuoktf2ccr17p64iVOi53KbC0WVLKdHzcTSF0qrU8795jVRY8zgx6G5vp46mhuwvanyzu3s40oa0U7sK08Hl4lYnxPe2g2HJbpBnpgY2R-k_kg2wFZRNpehCRp2l-AiDU09gpExaCe7vuWqqHN_TbR7-m1cbozklM3o_AE4qf60Hrj7jIs9oEV3waObx6onM&sig=Cg0ArKJSzMiZwoaPuJG4EAE&adurl=
Frame ID: EE0F5957B841761D4EFB7E7D84A276CE
Requests: 8 HTTP requests in this frame

Frame: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Frame ID: 001ACA7C8E2F0B9439EB5C786836475B
Requests: 36 HTTP requests in this frame

Frame: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Frame ID: 0688F4B73571D600BD184BD3F403C236
Requests: 36 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssBwrs6K9w_3jfUFTNfcRa8o8MYQhze26WJhHzzm3lWbi6AWPF6fhsK4Ke6Z5ErccSmnKrsSSysp3ycLK3Bd_OGasckuDlAMN2sKXtkbFj_Dzh5iV6hT5NMqx-8nswltDuMAYZyOadCKugY81Iu6H_IqHxLMtoAec3gw03CxVupuTdHjuhJg39s_2XDf8eAYknh4zJgnceQy3yVONHP5jjcYwajJwTp4IadD4GfKV_-PYYzZ3xs8r3CnzThDuQwATbHtnLxUvyJr2ONXb5mBnBKuQy1JSD4Kg4mpF4Q3KUstX1ox_DNoyPdbpQ&sig=Cg0ArKJSzEFaD4Ehsz2xEAE&adurl=
Frame ID: F5B465A78DDF5DDF77984260A8F7D7EA
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=quvhcyeya22h
Frame ID: 2D2A001D51CA23EFA1FE9CCF483296C7
Requests: 1 HTTP requests in this frame

Frame: https://cdn3.optimizely.com/js/geo2.js?cb=1611576249793
Frame ID: F8B4A01319193C915C6A3DF59F459BF0
Requests: 1 HTTP requests in this frame

Frame: https://p.delivercdn.com/prebidlink/18652/j.html?i=6864
Frame ID: 5EABB6D461C558BD7836E08AFD3877AD
Requests: 1 HTTP requests in this frame

Frame: https://p.kfmlax.com/prebidlink/18652/j.html?i=6967
Frame ID: 94244B5A0EED0907776667AF150BC47D
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/iframe
Frame ID: 4DE61173CA6DDD95146461C9924EC9FB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss68FqduXazOrzwjpsWw52giJDSGbRsoZV2H8J1iutwPhVMvd-u8pp5j2KDbwmGgH9v_VGD5JfaizPL8WlIP0ywlTWHEOBY3PtzFNh6EcFd9Wa8BqMllxadLwc5OZk0JNSRECoKWsankMACdFqdokFjXw63okjOuOhKBHsO_kR2pAFqOjvcceZSc5r2yEdLJEgglUreaF_uN7mOFmTdnU5yEg0AVgv8VvvU-00pWUEhFQ7jcG7bsD9SjQUBzx6fttNqYkgg6FiENrsuUHbpIHJgdrslgrs1AquqJXrNtte3r17Vn7W6EjdXc56YHFV4ZOK2&sig=Cg0ArKJSzON2v4YEo5R0EAE&adurl=
Frame ID: 5F40201CECCC63BC00AFD5C23EA79344
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssGbvk-O10kR_a8SKDPNCDgUj2GZNokoCb5QAis8NUoHkYE61DIjqcG6LpGq3lp-akRVVv_WEbHAud_kcLFb2MyVEZnfkBOv8-CeOr_a7zB_HRi8rXQEYoI3NcYEONep7UYcP-SKw7HMPIiYPE-NB7TW8ngWx5wZ0HKC7_s-J0LhfKkRyhViBy3d5TfF2E7Vb9hrZdAHQx5MSIF3MgaAPWsQ83GjKlQtlwHNqEnQQHF-07AFCr_guVLvCmPZkAGoqUzwjJHhH_0aAdWG1LIFDK75QSUSEEbmLf7vMzcFt5LnfuZLpq6HiU&sig=Cg0ArKJSzFt328gQVNoOEAE&adurl=
Frame ID: C1C7D34FE50FCDF8A0902D8B48676C63
Requests: 7 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 18039341ED939E0FBD39E38CFFA22D55
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html
Frame ID: 9197D72C76284DC772C97C7CA81475FC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZ... Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V... HTTP 307
https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2AN... Page URL

Detected technologies

CloudFlare () Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

288
Requests

96 %
HTTPS

29 %
IPv6

68
Domains

115
Subdomains

97
IPs

11
Countries

4210 kB
Transfer

14331 kB
Size

0
Cookies

49 Outgoing links

These are links going to different origins than the main page.

URL: https://www.medianewsgroup.com/privacy-policy/
Title: Data Storage Policy

Search URL Search Domain Scan URL

URL: http://thecannabist.co/
Title: Cannabist

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DenverPost/?sub_confirmation=1
Title: Video

Search URL Search Domain Scan URL

URL: https://yourhub.denverpost.com/
Title: Your Hub

Search URL Search Domain Scan URL

URL: https://games.denverpost.com/
Title: Games

Search URL Search Domain Scan URL

URL: http://calendar.denverpost.com/
Title: Calendar

Search URL Search Domain Scan URL

URL: http://theknow.denverpost.com/category/music/
Title: Music

Search URL Search Domain Scan URL

URL: https://theknow.denverpost.com/
Title: The Know

Search URL Search Domain Scan URL

URL: https://theknow.denverpost.com/neighborhoods/
Title: Neighborhoods

Search URL Search Domain Scan URL

URL: https://theknow.denverpost.com/outdoors/
Title: The Know Outdoors

Search URL Search Domain Scan URL

URL: http://marketplace.denverpost.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://marketplace.denverpost.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://www.gomnlt.com/dfm/denverpost/?utm_source=denverpost&utm_medium=navweblink&utm_campaign=dfm
Title: Freelance Jobs

Search URL Search Domain Scan URL

URL: https://checkout.denverpost.com/?returnUrl=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://myaccount.denverpost.com/
Title: Log In

Search URL Search Domain Scan URL

URL: https://mng-prod.auth0.com/v2/logout?returnTo=https%3A%2F%2Fwww.denverpost.com%2F
Title: Logout

Search URL Search Domain Scan URL

URL: https://myaccount.denverpost.com/index.aspx
Title: Manage subscription

Search URL Search Domain Scan URL

URL: https://myaccount.denverpost.com/dp/preference
Title: Sign up for Newsletters

Search URL Search Domain Scan URL

URL: https://denverpost-co.newsmemory.com/
Title: DIGITAL REPLICA EDITION

Search URL Search Domain Scan URL

URL: http://www.stumbleupon.com/submit?url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F
Title: Submit to Stumbleupon (Opens in new window)

Search URL Search Domain Scan URL

URL: https://www.latimes.com/california/story/2020-12-01/california-prisoner-unemployment-fraud-estimated-400-million
Title: at least $400 million was paid out

Search URL Search Domain Scan URL

URL: https://stopfraudcolorado.gov/
Title: Stopfraudcolorado.gov

Search URL Search Domain Scan URL

URL: https://www.oig.dol.gov/public/Unemployment%20Insurance%20Fraud%20Consumer%20Protection%20Guide,%20Final.pdf
Title: National Unemployment Fraud Task Force

Search URL Search Domain Scan URL

URL: https://cdle.colorado.gov/unemployment
Title: cdle.colorado.gov/unemployment

Search URL Search Domain Scan URL

URL: https://dynamic-cdn.spot.im/yad/optout.html

Search URL Search Domain Scan URL

URL: https://thetrustproject.org/
Title:

Search URL Search Domain Scan URL

URL: https://facebook.com/denverpost
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/denverpost
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/denverpost
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/Noelle_Phillips
Title: Follow Noelle Phillips @Noelle_Phillips

Search URL Search Domain Scan URL

URL: https://twitter.com/rubinojc
Title: Follow Joe Rubino @rubinojc

Search URL Search Domain Scan URL

URL: http://dpo.st/alerts
Title: News Alerts

Search URL Search Domain Scan URL

URL: https://checkout.denverpost.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://www.denverpoststore.com/
Title: Denver Post Store

Search URL Search Domain Scan URL

URL: http://www.dphomes.today/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://businessdirectory.denverpost.com/marketplace/todays_ads/
Title: Today’s Ads

Search URL Search Domain Scan URL

URL: https://businessdirectory.denverpost.com/marketplace/
Title: Daily Ads

Search URL Search Domain Scan URL

URL: https://www.denverpostmemberservices.com/
Title: Member Services

Search URL Search Domain Scan URL

URL: https://www.denverpostmedia.com/wp-content/uploads/2020/10/CORRECTED-10-13-2020-Q3-Media-Kit.pdf
Title: Advertise With Us

Search URL Search Domain Scan URL

URL: https://www.digitalfirstmedia.com/advertise-with-us/
Title: MNG Network Advertising

Search URL Search Domain Scan URL

URL: http://www.digitalfirstmedia.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://promote.denverpost.com/denver-adportal/obits/index.html
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: http://extras.denverpost.com/mobile/index.html
Title: Mobile Apps

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/copyright/
Title: Copyright ©2021 MediaNews Group, Inc.

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/terms-of-use/
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/cookie-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.medianewsgroup.com/arbitration/
Title: Arbitration

Search URL Search Domain Scan URL

URL: https://vip.wordpress.com/
Title: Powered by WordPress.com VIP

Search URL Search Domain Scan URL

URL: https://checkout.denverpost.com/NoLanding?&ofrgp_id=29&g2i_source=ConneXt&g2i_medium=paywall&g2i_campaign=MG2PW07&g2i_or_o=Internet&g2i_or_p=MG2PW07&returnUrl=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3FclearUserState%3Dtrue
Title: Get Started today99¢ for 3 months

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1 Page URL
https://info.silobreaker.com/events/public/v1/track/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1?_ud=cd18151c-a266-49a1-ae65-a1831fa6e8c0&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 71

https://js.matheranalytics.com/s/ma23578/239876503/wp/ml.js?cb=1554 HTTP 301
https://js.matheranalytics.com/static/ltm/ma23578/wp/14/ml.br.js

Request Chain 76

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&c9=&cs_ak_ss=1

Request Chain 109

https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1

Request Chain 110

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

Request Chain 111

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent

Request Chain 115

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID HTTP 302
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8096477413580383358

Request Chain 116

https://sync.search.spotxchange.com/partner?source=211945 HTTP 302
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6c407d96-5f05-11eb-b8aa-16821cb21d06

Request Chain 117

https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true

Request Chain 118

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6c4e1f32-5f05-11eb-9907-14684a3a4706

Request Chain 121

https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D HTTP 302
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1

Request Chain 122

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east HTTP 301
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

Request Chain 123

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D HTTP 302
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent

Request Chain 190

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ads.152media.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID HTTP 302
https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358

Request Chain 191

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ads.152media.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID HTTP 302
https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358

Request Chain 240

https://insight.adsrvr.org/tags/ighse75/rz1s9i5/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/iframe

288 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hp... Show response
info.silobreaker.com/e2t/tc/ 9 KB
2 KB 153ms
152ms Document
text/html 199.60.103.2
CLOUDFLARESPECTRU...

General

Check archive.org

Download Go to

Full URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.2 , Canada, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa266a03f44fb0e6632bf588915b9a5f3447fec5cad3e198f250685bab7214dc

Request headers

:method: GET
:authority: info.silobreaker.com
:scheme: https
:path: /e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:03:59 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d1638e0f8a687026e779671da2fb04dde1611576239; expires=Wed, 24-Feb-21 12:03:59 GMT; path=/; domain=.info.silobreaker.com; HttpOnly; SameSite=Lax __cfruid=a3e5692082dac9eebaa810879288d44c448950d3-1611576239; path=/; domain=.info.silobreaker.com; HttpOnly; Secure; SameSite=None
cf-ray: 6171daa5ac760824-CDG
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07db06fb8f000008249e9f0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/
Redirect Chain

https://info.silobreaker.com/events/public/v1/track/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghc...
https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1Bt...

236 KB
52 KB

538ms
410ms

Document
text/html

192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Requested by

Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

7db451749b00f969e3891c8a04d4ff6db363eaed48749ddfc6d956e7632fd1d2

Security Headers

Name	Value
Content-Security-Policy	default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

:method: GET
:authority: www.denverpost.com
:scheme: https
:path: /2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1

Response headers

server: nginx
date: Mon, 25 Jan 2021 12:03:59 GMT
content-type: text/html; charset=UTF-8
content-security-policy: default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob:; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.denverpost.com/wp-json/>; rel="https://api.w.org/" <https://www.denverpost.com/wp-json/wp/v2/posts/4427044>; rel="alternate"; type="application/json" <https://dpo.st/2KzPhOg>; rel=shortlink
content-encoding: gzip
x-rq: mxp2 87 131 3082
cache-control: max-age=300, must-revalidate
age: 0
x-cache: miss
vary: Accept-Encoding
accept-ranges: bytes
strict-transport-security: max-age=31536000;includeSubdomains

Redirect headers

date: Mon, 25 Jan 2021 12:03:59 GMT
location: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
cf-ray: 6171daa6c8620824-CDG
link: <https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 07db06fc3e00000824e78b3000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-robots-tag: none
server: cloudflare

GET
H2 200 /
www.denverpost.com/_static/ 55 KB
9 KB 184ms
39ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??-eJx9kNEKwjAMRX/IGvdS9yLip3RtdcGmLU2G7O/NHAwR9Snh3tyTEHhUg9mnKUQGzwwBWWBIxd9NwqG5NgPLnOKeMO91YAea8CVLzAI1TTfMGrqSkTaxKCugd1Iaa8wJ+hf00/sLU6m6xjHNb+3Paa5FkFQmUpnBMUfh9WYe49KT+7LNJ9RiaDIbqXm4hI2w3E1lwBSNC2NkLNmsn1DnTKfOHo69tbbvnp39ehQ=

Requested by

Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

52a86d4b4b4d717c2876cf04c6af2d7ceb7a7d587b749f99ead0b26bca09a3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 91 185 3094
last-modified: Fri, 08 Jan 2021 13:23:26 GMT
server: nginx
age: 313585
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 9124

GET
H2 200 css
fonts.googleapis.com/ 2 KB
934 B 170ms
7ms Stylesheet
text/css 2a00:1450:4001:81a::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c12ad48662df927beeef1d9e57a7e9e8055ea2c578cedc962441858481879656

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 25 Jan 2021 12:04:00 GMT
server: ESF
date: Mon, 25 Jan 2021 12:04:00 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 25 Jan 2021 12:04:00 GMT

GET
H2 200 screen.min.css
www.denverpost.com/wp-content/plugins/dfm-ad-mods/static/css/ 76 B
205 B 203ms
54ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/plugins/dfm-ad-mods/static/css/screen.min.css?m=1607866681g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f4ec9b423f653cfb9d1e9b0cd6db63cd134f4426762dee082071a9e2d20ca25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
x-rq: mxp2 82 235 3086
last-modified: Tue, 10 Nov 2020 22:22:44 GMT
server: nginx
age: 1606409
etag: "5fab12b4-4c"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 76
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 screen.min.css
www.denverpost.com/var/www/wp-content/plugins/site-plugins/site-denverpost/static/css/ 556 B
366 B 206ms
61ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/var/www/wp-content/plugins/site-plugins/site-denverpost/static/css/screen.min.css?ver=0.1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0ab8bb0bff4647bf446f50e9c09b5081319d875a89635061fbf6c69dc369a26a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 82 235 3086
last-modified: Tue, 10 Nov 2020 18:48:31 GMT
server: nginx
age: 1606941
etag: W/"5faae07f-22c"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 276
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 /
www.denverpost.com/_static/ 88 KB
22 KB 206ms
62ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??-eJyFjEEKgCAQAD+UbiGUHqKnRCwiW7oKq/T96tChU8eBmYGzKMxcPVdITZXYArHA7mvZ8FBOG1iJESQjbVHFHLJ8QCdijSId/J9u7eUnWdI8jL2z1k7OXIg+MIQ=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a2a8b48415cbae7e8cd24426b36c823726c634ad4b9a1eddac7f8c2a27012590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 82 235 3086
last-modified: Tue, 05 Jan 2021 23:19:53 GMT
server: nginx
age: 316561
vary: Accept-Encoding
x-cache: hit
content-type: text/css;charset=utf-8
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 22774

GET
H2 200 connext-events.min.js Show response
www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/ 3 KB
788 B 207ms
63ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4c78e1c09099107a82796834fb2f99112c97883053b2fa5565325ed60c672bd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 87 131 3082
last-modified: Sun, 13 Dec 2020 13:38:01 GMT
server: nginx
age: 1604810
etag: W/"5fd61939-a19"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 680
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ 94 KB
33 KB 147ms
3ms Script
text/javascript 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 01:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125256
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jan 2022 01:16:24 GMT

GET
H2 200 loader.min.js Show response
www.denverpost.com/wp-content/plugins/loader-wp/static/ 16 KB
5 KB 208ms
64ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 87 176 3080
last-modified: Fri, 11 Dec 2020 12:19:17 GMT
server: nginx
age: 1606941
etag: W/"5fd363c5-3e4a"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 5483
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 / Show response
www.denverpost.com/_static/ 8 KB
2 KB 209ms
66ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??-eJzTLy/QTc7PK0nNK9EvyClNz8wr1k9M0c1JrEwtKtbPQuLopqQV6GUV6+gTrQOo2j7X1tDMwNzCzMzMwjALAKxOJsg=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 87 131 3082
last-modified: Sun, 13 Dec 2020 13:38:01 GMT
server: nginx
age: 313585
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 2421

GET
H2 200 medianewsgroup.js Show response
cdn.blueconic.net/ 131 KB
40 KB 348ms
46ms Script
text/javascript 13.224.102.102
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cdn.blueconic.net/medianewsgroup.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.102.102 Seattle, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-102-102.zrh50.r.cloudfront.net

Software

- /

Resource Hash

36e14c51aae1aebf9430c406541b11d1b6f2c12a13d771cafedc93d4b97063dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:59:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
age: 459
x-cache: Hit from cloudfront
content-length: 39966
x-xss-protection: 1; mode=block
last-modified: Fri, 18 Dec 2020 21:45:14 GMT
server: -
etag: "20b83-5b6c40606d6b0-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
x-amz-cf-pop: ZRH50-C1
accept-ranges: none
x-robots-tag: noindex, nofollow
x-amz-cf-id: A-7yGFOLwGBGgQ1zSrDsqGGG7O25hDpB81bTUW1Zomj4Pte_mBwfuA==

GET
H/1.1 200
OK osano.js Show response
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 392 KB
96 KB 160ms
8ms Script
application/javascript 2600:9000:206f:3c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL

https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

5d37638ca8c572b3a95105601f702819ed42929a00e083bb6779fc79cf226ff5

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 22:00:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 50633
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 97443
X-XSS-Protection: mode=block
Server: CloudFront
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=2592000
Content-Type: application/javascript; charset=utf-8
Via: 1.1 715791ebe4663055c84208b8a58b2b80.cloudfront.net (CloudFront)
Cache-Control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: IjT-M-FB5sgsW7NOpa7SXqmrwhcfMr8PMs0f69Zi4N-3Ydc2njycKw==

GET
H/1.1 200
OK mg2nw.min.js Show response
prodmg2.blob.core.windows.net/newsletterwidget/mngcep/ 142 KB
143 KB 754ms
148ms Script
application/javascript 13.82.152.48
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://prodmg2.blob.core.windows.net/newsletterwidget/mngcep/mg2nw.min.js
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.82.152.48 Washington, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 62d9dd790ecf0e613f9675fb2870fc437a39ac6978afdfbad86c92eb0cf2010f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Mon, 25 Jan 2021 12:03:59 GMT
Last-Modified: Wed, 02 Dec 2020 13:53:48 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: jXD0+OlfSDrkmm5rpi1BZQ==
ETag: 0x8D896C9B1576758
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 961f7f35-801e-0055-1f12-f3cd08000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
Content-Length: 145408

GET
H2 200 hhsl-check.min.js Show response
www.denverpost.com/wp-content/plugins/dfm-ad-mods/static/js/ 2 KB
902 B 200ms
66ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/plugins/dfm-ad-mods/static/js/hhsl-check.min.js?m=1607866681g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

98c46f91bb0d2b1658a9651e858bb2dcccc58eb337b9b76aa4c357889b648978

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 87 184 3080
last-modified: Fri, 11 Dec 2020 12:24:00 GMT
server: nginx
age: 1604810
etag: W/"5fd364e0-888"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 804
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 342 KB
68 KB 309ms
38ms Script
application/javascript 13.224.102.52
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=WZUt8dwXwUZotnPfklpQcv7B2rwEoNFUnwAN&ver=5.6
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.52 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-52.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 35b2f0b3d5b3e137933923617954edd447ff0eb10d7d44f6ff8a55a9d0d2f5c0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:02:20 GMT
content-encoding: gzip
last-modified: Sun, 24 Jan 2021 18:21:05 GMT
server: AmazonS3
age: 202
etag: W/"be5e6af3caa7d3bfb8d4e0d82c6a3080"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a63182cf51dce7998774e112bf9ee7c6.cloudfront.net (CloudFront)
cache-control: max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: BJq9CdaAur22k96pYQ3Za7Xt4EEXgiIViGtGfYo8irlhM1PdwqrLJQ==

GET
H2 200 dfm-pushly.min.js Show response
www.denverpost.com/wp-content/plugins/dfm-pushly/static/js/ 160 B
222 B 201ms
67ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/plugins/dfm-pushly/static/js/dfm-pushly.min.js?m=1607866681g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
x-rq: mxp2 91 185 3094
last-modified: Fri, 08 Jan 2021 13:23:26 GMT
server: nginx
age: 1172961
etag: "5ff85cce-a0"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 160
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H/1.1 200
OK 185707-243432272500252.js Show response
js-sec.indexww.com/ht/p/ 137 KB
39 KB 1005ms
886ms Script
text/javascript 23.210.249.164
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185707-243432272500252.js
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 834be1b4f54d76d208b8c39a6f039a82077dfefaf4ab90b23c05c3d312550a0b

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 12:00:30 GMT
Server: Apache
ETag: "90503b-22404-5b9b848d5c422"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=3599
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 39264
Expires: Mon, 25 Jan 2021 13:04:01 GMT

GET
H2 200 boldcoastal.css
www.denverpost.com/wp-content/themes/assets/static/css/ 352 KB
55 KB 88ms
74ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/themes/assets/static/css/boldcoastal.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

a2d901cca4fffbae43e7ba04da2a3332d9389493d008a90fc0f2705a500d1f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 87 203 3092
last-modified: Fri, 15 Jan 2021 00:02:07 GMT
server: nginx
age: 907025
etag: W/"6000db7f-57e02"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 56643
expires: Tue, 25 Jan 2022 12:04:01 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.denverpost.com/wp-includes/js/ 14 KB
5 KB 94ms
72ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 87 176 3080
last-modified: Tue, 08 Dec 2020 22:29:13 GMT
server: nginx
age: 1606942
etag: W/"5fcffe39-37a6"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 4721
expires: Tue, 25 Jan 2022 12:04:01 GMT

GET
H2 200 dp-logo-1.svg
www.denverpost.com/wp-content/uploads/2020/11/ 10 KB
4 KB 92ms
70ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://www.denverpost.com/wp-content/uploads/2020/11/dp-logo-1.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

2590d66919bcebebcab8820a8e98a672c795c718f39f53d1c62cdd26ced8660b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 109 142 443
last-modified: Tue, 10 Nov 2020 18:50:29 GMT
server: nginx
etag: W/"9a1141ac603be4a8"
vary: Accept-Encoding
x-cache: HIT
content-type: image/svg+xml
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
expires: Wed, 10 Nov 2021 18:53:47 GMT

GET
H2 200 TDP-L-kondofamily012221-cha-280.jpg
i2.wp.com/www.denverpost.com/wp-content/uploads/2021/01/ 17 KB
17 KB 261ms
75ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://i2.wp.com/www.denverpost.com/wp-content/uploads/2021/01/TDP-L-kondofamily012221-cha-280.jpg?fit=620%2C9999px&ssl=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

b89869c69a0a9dff0bf334cbbe511c2c8aaafc1d64f9f4a1507699212dcdcccb

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: MISS mxp 5
date: Mon, 25 Jan 2021 12:04:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 24 Jan 2021 13:00:22 GMT
server: nginx
etag: "0edd9e570a579f65"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
link: <https://www.denverpost.com/wp-content/uploads/2021/01/TDP-L-kondofamily012221-cha-280.jpg>; rel="canonical"
content-length: 17466
expires: Wed, 25 Jan 2023 01:00:22 GMT

GET
H2 200 Trust-Logo-Horizontal.svg
www.denverpost.com/wp-content/plugins/dfm-trust-indicators/static/images/ 7 KB
2 KB 94ms
73ms Image
image/svg+xml 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://www.denverpost.com/wp-content/plugins/dfm-trust-indicators/static/images/Trust-Logo-Horizontal.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d3110f199d22d9d122a62c288cca3b3c80edccdb2979c02bcbfa0602a7b88039

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 87 131 3082
last-modified: Sun, 13 Dec 2020 13:38:01 GMT
server: nginx
age: 60
etag: W/"5fd61939-1ab8"
vary: Accept-Encoding
x-cache: hit
content-type: image/svg+xml
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 2485
expires: Tue, 25 Jan 2022 12:04:01 GMT

GET
H2 200 sp_sXPv48AD Show response
launcher.spot.im/spot/ 412 KB
85 KB 563ms
377ms Script
application/javascript 72.247.178.49
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://launcher.spot.im/spot/sp_sXPv48AD
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.49 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: fasthttp /
Resource Hash: 911c88016cb7ca3086754b998282fb807dba429f740f05704a0dbc6d3b1c18cc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: br
server: fasthttp
cache-control: max-age=600
content-type: application/javascript; charset=UTF-8
content-length: 86879
expires: Mon, 25 Jan 2021 12:14:01 GMT

GET
H3-Q050 200 api.js Show response
www.google.com/recaptcha/ 850 B
648 B 35ms
15ms Script
text/javascript 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=en_US

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 555
x-xss-protection: 1; mode=block
expires: Mon, 25 Jan 2021 12:04:01 GMT

GET
H2 200 loading.gif
www.denverpost.com/wp-content/mu-plugins/jetpack-9.3/modules/sharedaddy/images/ 2 KB
3 KB 94ms
74ms Image
image/gif 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://www.denverpost.com/wp-content/mu-plugins/jetpack-9.3/modules/sharedaddy/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
x-rq: mxp2 89 56 3090
last-modified: Tue, 05 Jan 2021 23:19:51 GMT
server: nginx
age: 930287
etag: "5ff4f417-9e2"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/gif
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2530
expires: Tue, 25 Jan 2022 12:04:01 GMT

GET
H2 200 comments-number.css
www.denverpost.com/wp-content/plugins/spotim-comments/assets/stylesheets/ 1 KB
735 B 47ms
46ms Stylesheet
text/css 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/plugins/spotim-comments/assets/stylesheets/comments-number.css?m=1607866681g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

60ae6a4bb71a75329fc3c3e5616989c9f855c27dbbc9c5c2f1e05523f3fdd579

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 87 176 3080
last-modified: Fri, 11 Dec 2020 12:19:17 GMT
server: nginx
age: 1654248
etag: W/"5fd363c5-4fa"
vary: Accept-Encoding
x-cache: hit
content-type: text/css
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 668
expires: Tue, 25 Jan 2022 12:04:00 GMT

GET
H2 200 / Show response
www.denverpost.com/_static/ 18 KB
8 KB 49ms
48ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??-eJyNy0sKgCAQANALlZObyU10ljCrER3FT5Gnj6ADtH3w4Iq9DlwMF4iu7sQZ4hFK4I2cg9PwGhJE0qUm85LwxMLmDn5Ft7Q7UzP5a7OfJA6jQkQl7QPpWC6u

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-rq: mxp2 91 185 3094
last-modified: Fri, 08 Jan 2021 13:23:26 GMT
server: nginx
age: 313586
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 7899

GET
H2 200 ads.js Show response
www.denverpost.com/wp-content/themes/wp-mason/static/js/ 87 B
232 B 48ms
47ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
x-rq: mxp2 91 222 3086
last-modified: Tue, 27 Oct 2020 01:34:47 GMT
server: nginx
age: 1606942
etag: "5f977937-57"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 87
expires: Tue, 25 Jan 2022 12:04:01 GMT

GET
H2 200 / Show response
www.denverpost.com/_static/ 106 KB
29 KB 50ms
48ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??-eJydz00KwjAQQOELmY4V0boQz5ImaZs6P4WZKt7egC4URKzbB9/iwXVyQdgSG9iQKCl41WQKat5ygFEhCJFwFYaZzxVlrkZdwQ9uErx1GVGXoFYwBvEl4BdWCnkVfoE9SrvUoPQus2tnszL4gU4495kVYkfOR0cS9Y2X9jhYjnXDlxyT/CEnMZfpCU90rHf1er+tm+Yw3gGVlqvS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cdc896b90d2fe7be561b62ba541584a2505aabc80a8f5e14180b61c60bfa9432

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 86 200 3200
last-modified: Fri, 15 Jan 2021 20:18:21 GMT
server: nginx
age: 313586
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 29745

GET
H2 200 embed.js Show response
c.go-fet.ch/a/ 168 KB
37 KB 146ms
27ms Script
application/javascript 2600:9000:2190:5000:c:2267:880:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 53c6c96f062c045609d9c40f923d2fb9bc14d7d67b246cf60a94eceff7a8e714

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:52:08 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 05:20:07 GMT
server: AmazonS3
age: 798
etag: W/"2326b78efeaf550c9fa1dcefa1b33b88"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0c476b4e93e7b13a5f68b185a8e9753c.cloudfront.net (CloudFront)
cache-control: public,max-age=900
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: thFy3lRTgWvkl2NdMWYz9qBossy0OUWzj9G7tF_ael4KhHmDPs5HIw==

GET
H2 200 / Show response
www.denverpost.com/_static/ 9 KB
3 KB 93ms
71ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/_static/??/wp-includes/js/wp-embed.min.js,/wp-content/mu-plugins/jetpack-9.3/_inc/build/sharedaddy/sharing.min.js?m=1609888792j

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8716edfd746386aa5c49a0e03af716e21389f30483b1ee0db9be3badb6f9d5f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-rq: mxp2 91 222 3086
last-modified: Tue, 05 Jan 2021 23:19:53 GMT
server: nginx
age: 313586
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 3267

GET
H2 200 e-202104.js Show response
stats.wp.com/ 9 KB
3 KB 179ms
57ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL: https://stats.wp.com/e-202104.js
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-nc: HIT mxp
date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
expires: Mon, 17 Jan 2022 00:25:35 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 147ms
29ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/wp-content/plugins/loader-wp/static/loader.min.js?ver=1.0.6.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 894
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Fri, 23 Oct 2020 22:12:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D877A0CD108633
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 40117bf1-601e-0015-7f10-f380d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 25 Jan 2021 12:34:01 GMT

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 72 B
550 B 161ms
44ms Script
text/javascript 2a04:4e42:400::621
FASTLY

General

Check archive.org

Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:400::621 , Ascension Island, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
age: 844809
detected-user-agent: Chrome Mobile/83.0.4103
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length: 74
referrer-policy: origin-when-cross-origin
last-modified: Fri, 15 Jan 2021 17:17:39 GMT
date: Mon, 25 Jan 2021 12:04:01 GMT
access-control-allow-methods: GET,HEAD,OPTIONS
normalized-user-agent: chrome/83.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

OPTIONS
H/1.1 403
Forbidden vendor-list.json
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ Frame 0
0 20ms
5ms Other
text/html 2600:9000:206f:3c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/vendor-list.json
Protocol: HTTP/1.1
Server: 2600:9000:206f:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

POST
H2 200 json Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/ 102 KB
16 KB 424ms
193ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&bcsessionid=&bctempid=&overruleReferrer=&time=2021-01-25T13%3A04%3A00%2B01%3A00&ts=1611576240514

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

da9002923af8cb51f30fcf38f9a6d4836d59cd8f77b8387652f21eb9a0273804

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 15324
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET vendor-list.json
cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/ 0
0

GET
H2 200 e0565dbab7b93f15f62c4f5e4923fe0b Show response
medianewsgroup.blueconic.net/plugin/plugin/ 174 KB
43 KB 531ms
512ms Script
text/javascript 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/plugin/plugin/e0565dbab7b93f15f62c4f5e4923fe0b

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

186d8db4abc377ab4b51889dd2144960383b7ef8da7fb1372d0fd187d8d00eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: e0565dbab7b93f15f62c4f5e4923fe0b
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 43807
x-xss-protection: 1; mode=block
expires: Tue, 25 Jan 2022 12:04:01 GMT

POST
H2 200 LB-Zone-1 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 223 B
756 B 698ms
693ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-1?referer=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&bcsessionid=&bctempid=088f6758-2659-45ad-9fbe-4efdcabbfaba&overruleReferrer=&time=2021-01-25T13%3A04%3A01%2B01%3A00&ts=1611576241197

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

cca29113cd10c5921e1f09aa4a3f224b50a2dd4b0937222de5dd0a759f164ea1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 153
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 55 KB
19 KB 79ms
64ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5e5484e32e75103eddb9c2a422c43c74b6323d90cf438d5f4e09271d6e4c982

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "764 / 846 of 1000 / last-modified: 1611571202"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 18907
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:01 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 116 KB
30 KB 90ms
75ms Script
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:54:56 GMT
content-encoding: gzip
server: Server
age: 544
etag: 089c185b065ebe3e9c21625b16dea242
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: ZRH50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: _tJcEejvI3lMG1vG763SOdL7bPxWjlBE
x-amz-cf-id: T6nEH1K8hC-xDiaZ_FpdAuLOHboVN2WRwfkZshVZ9Bgr4g1TzdNdDA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 616 KB
77 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

76d24fe2a04cda554a4f2205582e7e4e0261dee22017e701d6ab78757082f536

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:01 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 78616
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:01 GMT

GET
H2 200 SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 10ms
7ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGVmQWMvZQIdix7AFxXkHNSbRYXags.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 19:56:35 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:00:07 GMT
server: sffe
age: 230846
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11236
x-xss-protection: 0
expires: Sat, 22 Jan 2022 19:56:35 GMT

GET
H2 200 SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2
fonts.gstatic.com/s/droidsans/v12/ 11 KB
11 KB 10ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/droidsans/v12/SlGWmQWMvZQIdix7AFxXmMh3eDs1ZyHKpWg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 22 Jan 2021 01:57:50 GMT
x-content-type-options: nosniff
last-modified: Thu, 20 Feb 2020 02:52:18 GMT
server: sffe
age: 295571
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11396
x-xss-protection: 0
expires: Sat, 22 Jan 2022 01:57:50 GMT

GET
DATA 200
OK truncated
/ 9 KB
9 KB Font
font/truetype

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141

Request headers

Origin: https://www.denverpost.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: font/truetype

GET
H3-Q050 200 tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2
fonts.gstatic.com/s/droidserif/v13/ 13 KB
13 KB 20ms
20ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbV2oqRg1oM3QBjjcaDkOJGiRD7OwGtT0rU.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 16:02:02 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:03:58 GMT
server: sffe
age: 331319
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13096
x-xss-protection: 0
expires: Fri, 21 Jan 2022 16:02:02 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://www.denverpost.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 loader-config.json Show response
loader-cdn.azureedge.net/prod/dfm/ 1 KB
2 KB 144ms
104ms XHR
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/dfm/loader-config.json?_=1611576240399
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e36c7ea599f1f0c2c2eab3832e151605e0d86c04ce9bf63688ba75414aa5524c

Request headers

Accept: */*
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:02 GMT
last-modified: Wed, 28 Oct 2020 10:33:42 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: kzKvBDBRZW+glYHyGQWuXQ==
etag: 0x8D87B2CF14670AF
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: bdcfe113-f01e-0096-5c12-f3444b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Content-Language,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: no-cache
x-ms-version: 2009-09-19
content-length: 1333

GET
H2 200 pubads_impl_2021012001.js Show response
securepubads.g.doubleclick.net/gpt/ 273 KB
97 KB 74ms
73ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

d82439f1cc267511ad24334015165ee5a382a7e6ba8164d6de02404664be324a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Jan 2021 09:39:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98873
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:02 GMT

GET
H2 200 tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2
fonts.gstatic.com/s/droidserif/v13/ 12 KB
12 KB 11ms
11ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/droidserif/v13/tDbI2oqRg1oM3QBjjcaDkOr9rAXWGQyH.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://fonts.googleapis.com/css?family=Droid+Sans%3A400%2C700%7CDroid+Serif%3A400%2C400i%2C700%2C700i&ver=5.6
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 20 Jan 2021 10:36:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 10 Sep 2020 17:04:27 GMT
server: sffe
age: 437241
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12560
x-xss-protection: 0
expires: Thu, 20 Jan 2022 10:36:41 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 64 B
412 B 121ms
121ms XHR
text/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=3391&u=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&pid=m33LhUbDeA35b&cb=0&ws=1600x1200&v=7.58.01&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-SBB%22%2C%22s%22%3A%5B%22970x30%22%2C%22970x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-interstitial%22%2C%22s%22%3A%5B%221x1%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-top_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22970x30%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube1_RRail_ATF%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22300x1050%22%2C%22160x600%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube2_RRail_mid%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3_RRail_lower%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-bottom_leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube3b_Flex%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube_Article%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube2b_Flex%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Cube4_BottomLine%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_1%22%2C%22s%22%3A%5B%22300x50%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_3%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Sponsorship_4%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%2C%22300x50%22%2C%22320x50%22%2C%22320x100%22%5D%7D%2C%7B%22sd%22%3A%22div-gpt-ad-mobile_adhesion%22%2C%22s%22%3A%5B%22300x50%22%2C%22320x50%22%2C%22728x90%22%5D%7D%5D&gdpre=1&gdprc=CPAkwT8PAkwT8EXABAENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: Server /
Resource Hash: d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:02 GMT
via: 1.1 1437ff2cfbc1ea8c7a36e6b0ce6e935a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: ZRH50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.denverpost.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: tafZ650ies9_wa9EiOgHu7PFjBZrhvtKmVhiSGNBU-dvijt0LOzy0A==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 56ms
56ms XHR
application/javascript 13.224.103.105
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.105 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-105.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: qvfBoISJ5ymXoV8clHCjrjeaYCNnawpM
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 76626
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 23 Dec 2020 21:52:09 GMT
server: AmazonS3
date: Sun, 24 Jan 2021 14:46:57 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 a4f3f56409fe4e0b42683dc15dd52ef8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: ZRH50-C1
x-amz-cf-id: tGZZsjWHwe489ODEjfvNKu-J1cb0xtQLulZ-gi26JUgD9ZWRp4OYAQ==

GET
H2 200 d11a1add16ec5bfd57837c1ca63f340a Show response
medianewsgroup.blueconic.net/plugin/library/ 478 KB
142 KB 126ms
125ms Script
text/javascript 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/plugin/library/d11a1add16ec5bfd57837c1ca63f340a

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

f300e3e74fd9be18039e3869d57d0e12e42f53a5ca542a14e75b459e1252af80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
etag: d11a1add16ec5bfd57837c1ca63f340a
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
content-type: text/javascript; charset=utf-8
content-length: 144461
x-xss-protection: 1; mode=block
expires: Tue, 25 Jan 2022 12:04:03 GMT

POST
H2 200 json Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/ 3 KB
2 KB 206ms
206ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&bcsessionid=088f6758-2659-45ad-9fbe-4efdcabbfaba&bctempid=&overruleReferrer=&time=2021-01-25T13%3A04%3A03%2B01%3A00&ts=1611576243210

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

a13f3c3dcb44fb06ebef144bdcab443dfa3caf927312b3b2273f209c5ac69723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1138
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK chart-with-upwards-trend_1f4c8.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/237/ 19 KB
20 KB 679ms
166ms Image
image/png 2600:1fa0:c020:281:34db:74f9::
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/237/chart-with-upwards-trend_1f4c8.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c020:281:34db:74f9:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bb2133a02340dfcf536c60236214d414dfcbd9162ffffda0909804a0b5c8fef

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:04 GMT
Last-Modified: Fri, 22 Nov 2019 22:25:42 GMT
Server: AmazonS3
x-amz-request-id: 842F045B4DB49E88
ETag: "444ea66d66f6350f315396312349a659"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 19913
x-amz-id-2: SZUlf2YOVGx0s6JsoQV8gwOLQPulAGJgeAXsUDBBwG/ygGaXeW5BB3EGVmwl3L1n8qj5naBc92U=

GET
H/1.1 200
OK syringe_1f489.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/240/apple/271/ 16 KB
16 KB 680ms
167ms Image
image/png 2600:1fa0:c020:281:34db:74f9::
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/240/apple/271/syringe_1f489.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c020:281:34db:74f9:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 73bab331f32e9f7c9119b041a1e57138effe0d5b675d8830a63f4a61dc505ce3

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:04 GMT
Last-Modified: Sun, 01 Nov 2020 21:23:54 GMT
Server: AmazonS3
x-amz-request-id: 99C3D1F339CA9AEB
ETag: "a71324675a7b48c0074ddab9375ca60f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 15909
x-amz-id-2: Q7NJWMZX5Sh5lfcdv/DIV5ScKPxVIqmjKq8ThfB3zhJbzdt6T0k13ycXOS/FdMzE2U9cATp0sww=

GET
H/1.1 200
OK hospital_1f3e5.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/240/apple/271/ 25 KB
25 KB 689ms
170ms Image
image/png 2600:1fa0:c020:281:34db:74f9::
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/240/apple/271/hospital_1f3e5.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c020:281:34db:74f9:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8cdc9df7424edf2a019314a902d6433a6976bcda21040cf187bbe30116622675

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:04 GMT
Last-Modified: Sun, 01 Nov 2020 18:19:33 GMT
Server: AmazonS3
x-amz-request-id: 6C571E84082C749B
ETag: "d45abce5b8d64c477e63dc99fb47e86e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 25513
x-amz-id-2: cTXBks0iXZGY6xSyaxNFNK7ojvhc5XupJ5W4f1QdXWd/6qYzNDThcjw5p82lehPwTOfRbRIVChM=

GET
H/1.1 200
OK face-with-medical-mask_1f637.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/271/ 16 KB
17 KB 683ms
168ms Image
image/png 2600:1fa0:c020:281:34db:74f9::
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/271/face-with-medical-mask_1f637.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c020:281:34db:74f9:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1db3632994c4b0349befef9708623ec0f2583436e0817855e7dbc6cee503a1b1

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:04 GMT
Last-Modified: Sun, 01 Nov 2020 21:58:05 GMT
Server: AmazonS3
x-amz-request-id: 4811BA767CFC93A1
ETag: "489351053810a97c093c0c44b661494f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 16785
x-amz-id-2: GdjL4Y6AXRpJq11XzjLJW9gQAJNClwYGSFl9hSZv92Q7tcCP363cbetWf6Wpdux8ewJYuzYEC5o=

GET
H/1.1 200
OK envelope_2709.png
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/237/ 6 KB
7 KB 689ms
170ms Image
image/png 2600:1fa0:c020:281:34db:74f9::
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://emojipedia-us.s3.dualstack.us-west-1.amazonaws.com/thumbs/120/apple/237/envelope_2709.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1fa0:c020:281:34db:74f9:: San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cca8adf06f9a3f619c20df56302170ecc928c4f3f54c82b6765fb6e2a2e4919f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:04 GMT
Last-Modified: Sat, 23 Nov 2019 00:59:47 GMT
Server: AmazonS3
x-amz-request-id: 75F706C31CCE60F4
ETag: "c2b9ba2588e95bbe7b600cc114cb4c7f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 6381
x-amz-id-2: W2ns0bVTlFdBF61SoB47MSeFs9G/Ujzu13J08HmFt8DTq/elsxS9zC4WEz5YMF3i9EksFYxmDpg=

GET
H2 200 fp.min.js Show response
fp-cdn.azureedge.net/prod/dfm/ 59 KB
20 KB 39ms
8ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://fp-cdn.azureedge.net/prod/dfm/fp.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F4C) /
Resource Hash: 9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept: */*
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
content-md5: I+TRQO5bVyRNfhz04pv14Q==
age: 11134
x-cache: HIT
content-length: 19745
x-ms-lease-status: unlocked
last-modified: Thu, 24 Dec 2020 08:54:59 GMT
server: ECAcc (frc/8F4C)
etag: 0x8D8A7E997F32F60
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7afc8c63-601e-0136-45f8-f2cd78000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2insights.min.js Show response
g2insights-cdn.azureedge.net/prod/dfm/ 1 MB
217 KB 52ms
10ms XHR
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://g2insights-cdn.azureedge.net/prod/dfm/g2insights.min.js?
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FE9) /
Resource Hash: a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d

Request headers

Accept: */*
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
content-md5: MEV0XK+iSrlNTVyliS0EpQ==
age: 36273
x-cache: HIT
content-length: 221901
x-ms-lease-status: unlocked
last-modified: Tue, 29 Dec 2020 13:55:30 GMT
server: ECAcc (frc/8FE9)
etag: 0x8D8AC016798A67D
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 99344c78-c01e-00bc-2dbd-f2310e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 t8y9347t.min.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 547 KB
115 KB 56ms
7ms XHR
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.js?v=20201027.3
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js?ver=1.11.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC9) /
Resource Hash: 2f7c27148d0d40433fdc58480eb53706587114517254d6b2318b5b34b36af34d

Request headers

Accept: */*
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
content-md5: JnvKeqsH/3bkA8FZT+h5pQ==
age: 41995
x-cache: HIT
content-length: 116925
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:07 GMT
server: ECAcc (frc/8FC9)
etag: 0x8D88BAEBC79F4BA
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bbacbaae-f01e-00f0-2db0-f2f611000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

OPTIONS
H2 200 v2
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_sXPv48AD/ Frame 0
0 240ms
131ms Other 72.247.178.11
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_sXPv48AD/v2?platform=Desktop
Protocol: H2
Server: 72.247.178.11 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-178-11.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-guid,x-post-id,x-spot-id
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://www.denverpost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: x-spot-id,x-post-id,x-guid
access-control-expose-headers
access-control-max-age: 86400
date: Mon, 25 Jan 2021 12:04:03 GMT

POST
H2 204 events Show response
direct-events-collector.spot.im/api/v2/ 0
265 B 339ms
110ms XHR
text/plain 54.80.13.234
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://direct-events-collector.spot.im/api/v2/events?stream_name=init
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.80.13.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: fasthttp /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:03 GMT
access-control-allow-credentials: true
server: fasthttp
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 156ms
47ms Fetch
text/html 72.247.178.42
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.42 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 20
x-amz-cf-id: E34b4ayeW0pMWumxrCygjlfLO0z_9VJKLILvWdRAwQA76ErjTtqPRQ==
expires: Wed, 26 Jan 2022 12:04:03 GMT

POST
H2 200 v2 Show response
api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_sXPv48AD/ 29 KB
3 KB 302ms
207ms Fetch
application/json 72.247.178.11
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/owa-gw/spot/sp_sXPv48AD/v2?platform=Desktop
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.11 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-178-11.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: 0cb121c2b3ff60543105fd6b5baefa3517e2515635407647d023909f496172fe

Request headers

x-spot-id: sp_sXPv48AD
x-guid: null
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
x-post-id: 4427044
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
server: fasthttp
vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: x-spot-id,x-post-id,x-guid
content-length: 3016
x-request-id: 6b0c5db8-5f05-11eb-a42d-a28a8a4b6c20
access-control-expose-headers

HEAD
H2 200 pixel-ads-google-adsense.html
publisher-assets.spot.im/ad/event-tracking/ 0
0 155ms
48ms Fetch
text/html 72.247.178.42
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://publisher-assets.spot.im/ad/event-tracking/pixel-ads-google-adsense.html
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.42 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: gzip
last-modified: Wed, 12 Aug 2020 13:25:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 20
x-amz-cf-id: E34b4ayeW0pMWumxrCygjlfLO0z_9VJKLILvWdRAwQA76ErjTtqPRQ==
expires: Wed, 26 Jan 2022 12:04:03 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2672
date: Mon, 25 Jan 2021 11:19:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 25 Jan 2021 13:19:31 GMT

GET
H/1.1 200
OK atrk.js Show response
d31qbv1cthcecs.cloudfront.net/ 4 KB
5 KB 150ms
50ms Script
text/javascript 13.224.102.86
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d31qbv1cthcecs.cloudfront.net/atrk.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.86 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-86.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sat, 19 Dec 2020 08:26:48 GMT
Via: 1.1 01ec1718bcc130455b377ec6b38ad50d.cloudfront.net (CloudFront)
Connection: keep-alive
Last-Modified: Sat, 16 Mar 2019 16:01:33 GMT
Server: AmazonS3
Age: 3209837
ETag: "96c08723796affab377d9bb08d631cd0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: max-age=26920000
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 4264
X-Amz-Cf-Id: feEgs-iRj3LU7_HKZwEQx5EN2LGRAVrZbTB67EDXU8roGLpGB2HOpQ==

GET
H2 200 TWTC4-NWJAU-FVVAU-VQNPU-LATGK Show response
s.go-mpulse.net/boomerang/ 205 KB
49 KB 28ms
7ms Script
application/javascript 2a02:26f0:6c00:291::11a6
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://s.go-mpulse.net/boomerang/TWTC4-NWJAU-FVVAU-VQNPU-LATGK
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:291::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:03 GMT
content-encoding: br
last-modified: Wed, 16 Dec 2020 16:11:45 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
timing-allow-origin: *
content-length: 50393

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma23578/wp/14/
Redirect Chain

https://js.matheranalytics.com/s/ma23578/239876503/wp/ml.js?cb=1554
https://js.matheranalytics.com/static/ltm/ma23578/wp/14/ml.br.js

141 KB
41 KB

42ms
41ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma23578/wp/14/ml.br.js
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 79297cf1e36e4e293f4c1d0d7a2761cef47e79c6696c56449ea6e6461f0059ab

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 05:12:04 GMT
content-encoding: br
last-modified: Thu, 27 Aug 2020 21:04:38 GMT
server: nginx
age: 197521
etag: "3a6e372f19bd4bc068c12731274dfe48"
vary: Accept-Encoding
x-cache: HIT Thu, 27 Aug 2020 21:19:10 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public, max-age=269200
alt-svc: clear
content-length: 41998

Redirect headers

date: Mon, 25 Jan 2021 12:04:04 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma23578/wp/14/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 4-gc-euw1-10923

GET
H2 200 Bootstrap.js Show response
nexus.ensighten.com/choozle/2867/ 34 KB
10 KB 371ms
124ms Script
application/javascript 3.17.209.243
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/choozle/2867/Bootstrap.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.17.209.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 85eb44416cc1c0c3312fc9bf0e6bb210a105a9dab0534cc376529084bebdafdf

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
last-modified: Sat, 09 Jun 2018 23:37:40 GMT
server: nginx
etag: W/"5b1c64c4-87c6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=300

GET
H2 200 9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4 Show response
scripts.webcontentassessor.com/scripts/ 138 KB
37 KB 132ms
38ms Script
application/javascript 151.101.114.217
FASTLY

General

Check archive.org

Download Go to

Full URL: https://scripts.webcontentassessor.com/scripts/9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c074da4fbf0575ebc8ef7221e0d7748b97ec7cda5b8b43de7506be913800557a

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
age: 3418
x-cache: HIT
content-length: 37802
x-amz-id-2: NYSrASXk/OD0maI/OXuiQvr0JtDfhmTzawu4TEV2SsY53hzvjdAeMU4dszTFWPTXdi9P0oeykzQ=
x-served-by: cache-hhn4067-HHN
last-modified: Mon, 25 Jan 2021 11:04:50 GMT
server: AmazonS3
x-timer: S1611576244.133464,VS0,VE0
etag: "a4a2fda11056f8bba9464cc80054fd85"
vary: Accept-Encoding
x-amz-request-id: 32A5E77A2FEBB2CF
via: 1.1 varnish
cache-control: max-age=3600,stale-if-error=86400,stale-while-revalidate=3600
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 18ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: JfRB776uSRux5AcNDGoAZ/9/9P7PwcbovabWCpEcmUrKJFZuYU7xtQWb9R5wSTGxUh/DnwmWeTTH/D+WTJRuZw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 25 Jan 2021 12:04:04 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 182 KB
60 KB 271ms
156ms Script
application/javascript 35.244.220.155
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.220.155 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 155.220.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
x-guploader-uploadid: ABg5-UwH4J1uYrcqO9ds5AIP4DvoQ3Hlnv6JiUWiyVMxweEzrzhYV7gX4izHHZ36PwqLSuijyoX0Jf2AfHw6LYRDBNU
x-goog-storage-class: STANDARD
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 60625
last-modified: Fri, 22 Jan 2021 08:44:43 GMT
server: UploadServer
etag: "cd29a4c3533e427f1b5c357933c3c1ec"
x-goog-hash: crc32c=NT+O6A==, md5=zSmkw1M+Qn8bXDV5M8PB7A==
x-goog-generation: 1611305083757651
cache-control: no-transform
x-goog-stored-content-length: 60625
accept-ranges: bytes
content-type: application/javascript
expires: Tue, 25 Jan 2022 12:04:04 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverpo...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverp...

0
528 B

55ms
50ms

Image
text/plain

104.108.64.33
AKAMAI-AS

General

Check archive.org

Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&c9=&cs_ak_ss=1
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.64.33 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-64-33.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&c2=6035443&ns__t=1611576243978&ns_c=UTF-8&c8=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&c7=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:04 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
261 B 159ms
47ms Image
image/gif 34.251.61.210
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=wvvvz6x&ct=0:75j4cjk&fmt=3
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.61.210 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:04 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H/1.1 200
OK p.js Show response
d1z2jf7jlzjs58.cloudfront.net/ 930 B
1 KB 156ms
49ms Script
application/x-javascript 13.224.89.166
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1z2jf7jlzjs58.cloudfront.net/p.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.166 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-166.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 16:23:01 GMT
Via: 1.1 e1532b3ffd3d84bfecb9972a863a75ef.cloudfront.net (CloudFront)
Age: 70824
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 930
Pragma: public
Last-Modified: Wed, 06 May 2020 20:19:48 GMT
Server: nginx
ETag: "5eb31be4-3a2"
Content-Type: application/x-javascript
Cache-Control: max-age=86400, public
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: kEo9f8gSw6QPmSfQZnKq87sn7EB-tG6aylqceR_aT21KW81hlxS4og==
Expires: Mon, 25 Jan 2021 16:23:01 GMT

GET
H/1.1 200
OK script.js Show response
cdn.listrakbi.com/scripts/ 64 KB
21 KB 180ms
57ms Script
text/javascript 13.224.96.8
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cdn.listrakbi.com/scripts/script.js?m=tUxHTINGb1zW&v=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.96.8 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 4907bbcf5f0b81bb78857770341d43e9634c9c9498e637a442771813b7aba010

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:02:22 GMT
Content-Encoding: gzip
X-AspNet-Version: 4.0.30319
Age: 510
X-Powered-By: ASP.NET
X-Cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
Connection: keep-alive
Content-Length: 20233
Last-Modified: Wed, 20 Jan 2021 17:24:03 GMT
Server: Microsoft-IIS/8.5
X-ltk: 1/22/2021 12:54:39 PM
ETag: "vTdKKylvo5RwwchqXo/0LA=="
Vary: Accept-encoding
Content-Type: text/javascript; charset=utf-8
Via: 1.1 af287426c130b47dba79bf825f91ebbb.cloudfront.net (CloudFront)
Cache-Control: public, no-transform, max-age=3600, s-maxage=600
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
X-Amz-Cf-Id: OUNq85lVNSJzjdUZLZu2FTCJRSz3kzqXDIj2XEu5D_sELAQAVT8ySg==
Expires: Mon, 25 Jan 2021 12:55:34 GMT

GET
H2 200 common-async.chunk.min.js Show response
www.denverpost.com/wp-content/themes/assets/static/js/ 57 KB
9 KB 56ms
52ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/themes/assets/static/js/common-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d09e06781c7912d734e3626706742a4052e41c1614a21e05f085213764700dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
x-rq: mxp2 87 176 3080
last-modified: Mon, 11 Jan 2021 22:18:08 GMT
server: nginx
age: 1172229
etag: W/"5ffccea0-e37e"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 8552
expires: Tue, 25 Jan 2022 12:04:04 GMT

GET
H2 200 boldcoastal-async.chunk.min.js Show response
www.denverpost.com/wp-content/themes/assets/static/js/ 3 KB
1 KB 53ms
52ms Script
application/x-javascript 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to

Full URL

https://www.denverpost.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d44f0b7afad99a1982df9a35143769afd51a028df9afbd181dce9cb42b8a98b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: gzip
x-rq: mxp2 89 56 3090
last-modified: Mon, 11 Jan 2021 22:18:08 GMT
server: nginx
age: 1172229
etag: W/"5ffccea0-aca"
vary: Accept-Encoding
x-cache: hit
content-type: application/x-javascript
cache-control: max-age=31536000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 1213
expires: Tue, 25 Jan 2022 12:04:04 GMT

GET
H2 200 sp_sXPv48AD Show response
recirculation.spot.im/spot/ 0
0 182ms
62ms Script
text/html 72.247.178.42
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://recirculation.spot.im/spot/sp_sXPv48AD
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.42 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *, *

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 102 KB
34 KB 25ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KM8CCP2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e2729d784506f6776f8b94c8046ee6a7b2eb409d48f26c9c6609bfa3e64bdfe4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34457
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:04 GMT

GET
H2 200 denverpost.com.json Show response
c.go-fet.ch/hosts/ 3 B
446 B 210ms
169ms Fetch
application/json 2600:9000:2190:5000:c:2267:880:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://c.go-fet.ch/hosts/denverpost.com.json
Requested by: Host: c.go-fet.ch
URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:5000:c:2267:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 16:55:07 GMT
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69b.cloudfront.net (CloudFront)
last-modified: Tue, 30 Oct 2018 18:22:13 GMT
server: AmazonS3
age: 68938
etag: "8a80554c91d9fca8acb82f023de02f11"
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
access-control-max-age: 3000
x-cache: Error from cloudfront
x-amz-cf-pop: ZRH50-C1
content-length: 3
x-amz-cf-id: J4dSpuNaWSRlOdluLtJ7eqvMptSH8ywtJHSWsjCp3p7i_BzBzPyFzw==

GET
H/1.1 200
OK /
cmp.osano.com/ Frame FDB5 0
0 34ms
11ms Document
text/html 2600:9000:206f:3c00:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://cmp.osano.com/
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3c00:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: cmp.osano.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Date: Sun, 24 Jan 2021 21:27:53 GMT
Last-Modified: Wed, 05 Aug 2020 21:11:59 GMT
ETag: W/"a758a7d021a223d4dd8f6a96b4870cde"
x-amz-version-id: QQ2tnuZJqIRU17hPhCcXM42yBx8382wT
Server: AmazonS3
Content-Encoding: gzip
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 b8fb5d47d5536b63dd25111404e6e2e4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Cf-Id: N7Nk-XHGeofkLXRBTwlFcJZbOMpON4jVNXJCeTRJjhkqfz-sDzmhdg==
Age: 52572

GET
DATA 200
OK truncated
/ 772 B
0 Image
image/svg+xml

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 884c4cba946fc8a2c5479e4abb423711013a05af259ac7a7a31cafdb9d0e7dd1

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/ 331 KB
130 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/_KUxfxvAoJ4k7SaKyLbja4Mi/recaptcha__en.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.denverpost.com
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3840
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 132786
x-xss-protection: 0
last-modified: Sun, 17 Jan 2021 15:08:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 25 Jan 2022 11:00:04 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 46ms
43ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.3.1&blog=111738712&post=4427044&tz=-7&srv=www.denverpost.com&host=www.denverpost.com&ref=&fcp=2464&rand=0.41355745506003694
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 device_load Show response
events-collector.spot.im/api/v1/ 36 B
477 B 261ms
134ms Fetch
text/plain 72.247.178.33
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://events-collector.spot.im/api/v1/device_load
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.33 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: fasthttp /
Resource Hash: 870fdd4f125f70d7ae5384fa882f0a8f2a592795e511d6ac9af0b1fc332752ca

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:04 GMT
server: fasthttp
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.denverpost.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
access-control-allow-headers: content-type, x-spotim-device-uuid, x-spotim-page-view-id, x-spotim-source, x-xsrf-token
content-length: 36
expires: Mon, 25 Jan 2021 12:04:04 GMT

GET
H2 200 close_54x54.png
www.denverpost.com/wp-content/client-mu-plugins/src/Ads/assets/img/ 1 KB
1 KB 57ms
53ms Image
image/png 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://www.denverpost.com/wp-content/client-mu-plugins/src/Ads/assets/img/close_54x54.png

Requested by

Host: www.denverpost.com
URL: https://www.denverpost.com/_static/??-eJx9kNEKwjAMRX/IGvdS9yLip3RtdcGmLU2G7O/NHAwR9Snh3tyTEHhUg9mnKUQGzwwBWWBIxd9NwqG5NgPLnOKeMO91YAea8CVLzAI1TTfMGrqSkTaxKCugd1Iaa8wJ+hf00/sLU6m6xjHNb+3Paa5FkFQmUpnBMUfh9WYe49KT+7LNJ9RiaDIbqXm4hI2w3E1lwBSNC2NkLNmsn1DnTKfOHo69tbbvnp39ehQ=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/_static/??-eJx9kNEKwjAMRX/IGvdS9yLip3RtdcGmLU2G7O/NHAwR9Snh3tyTEHhUg9mnKUQGzwwBWWBIxd9NwqG5NgPLnOKeMO91YAea8CVLzAI1TTfMGrqSkTaxKCugd1Iaa8wJ+hf00/sLU6m6xjHNb+3Paa5FkFQmUpnBMUfh9WYe49KT+7LNJ9RiaDIbqXm4hI2w3E1lwBSNC2NkLNmsn1DnTKfOHo69tbbvnp39ehQ=
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:04 GMT
x-rq: mxp2 91 222 3086
last-modified: Tue, 27 Oct 2020 01:34:46 GMT
server: nginx
age: 1669298
etag: "5f977936-547"
strict-transport-security: max-age=31536000;includeSubdomains
x-cache: hit
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1351
expires: Tue, 25 Jan 2022 12:04:04 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 100 KB
16 KB 294ms
293ms XHR
text/plain 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=2151224215079320&correlator=3619856572031531&output=ldjh&impl=fifs&eid=21068773%2C21069111%2C21069690%2C21069829%2C21069868&vrg=2021012001&ptt=17&gdpr_consent=CPAkwUQPAkwUQEXABAENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210125&iu_parts=8013%2Cdenverpost.com%2Cbusiness&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250%7C970x30%2C300x250%7C300x600%7C300x1050%2C300x250%2C300x250%2C728x90%7C970x250%7C970x90%2C1x1%2C300x251%2C728x90%2C1x1%2C300x50%2C1280x250%7C970x250%7C970x90%7C728x90&prev_scp=POS%3Dtop_leaderboard%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube1_RRail_ATF%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube2_RRail_mid%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DCube_Article%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3Dbottom_leaderboard%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3Dinterstitial%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26content%3Dtwitter%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DSlideshow_1%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%7CPOS%3Dmobile_adhesion%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DOutstream_Video%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%7CPOS%3DSponsorship_1%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2%7CPOS%3DSponsorship_2%26kv%3Dcolorado-department-of-labor%2Ceconomic-impact-coronavirus%2Cfraud%2Cmore-business-news%2Cu-s-department-of-labor%2Cunemployment%26page%3Darticle%26RPN%3D22%26rurl%3D%26articleid%3D4427044%26amznbid%3D2%26amznp%3D2&eri=1&bc=31&abxe=1&lmt=1611576244&dt=1611576244924&dlt=1611576239931&idt=4746&frm=20&biw=1600&bih=1200&oid=3&adxs=436%2C1135%2C1135%2C282%2C160%2C160%2C-9%2C-12245933%2C282%2C1140%2C-10&adys=183%2C537%2C1080%2C1521%2C10221%2C177%2C-9%2C-12245933%2C1024%2C17%2C9570&adks=685209867%2C779411635%2C3761832310%2C1096742112%2C2036989%2C3825197355%2C1883405259%2C2593284719%2C2853486072%2C2687247660%2C2901759020&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&ifi=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1280x97%7C304x817%7C304x817%7C711x8314%7C1300x10158%7C1280x97%7C0x-1%7C728x90%7C711x8314%7C1300x50%7C1280x775&msz=1600x96%7C304x250%7C304x250%7C711x250%7C1280x90%7C1280x1%7C0x-1%7C0x0%7C711x1%7C300x50%7C1610x250&ga_vid=1720914235.1611576245&ga_sid=1611576245&ga_hid=637600169&fws=4%2C4%2C4%2C4%2C4%2C4%2C2%2C132%2C4%2C4%2C4&ohw=1600%2C304%2C304%2C711%2C1280%2C1280%2C0%2C0%2C711%2C300%2C1600&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a617ad74b82f44bc7ec6ac1adefd54840009de92c1fa3214e32f5d631027dc9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 15779
x-xss-protection: 0
google-lineitem-id: -2,-2,4788924865,-2,4788924865,-2,4492956232,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,138313334945,-2,138313335122,-2,138218003015,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.denverpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com/safeframe/1-0-37/html/ 0
0 77ms
14ms Other
text/html 2a00:1450:4001:820::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ 0
0 15ms
13ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 169 B
833 B 113ms
113ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-2?referer=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&bcsessionid=088f6758-2659-45ad-9fbe-4efdcabbfaba&bctempid=&overruleReferrer=&time=2021-01-25T13%3A04%3A05%2B01%3A00&ts=1611576245248

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

9e314a4fc391de1006c05d42d614ed2aabc5a1632c822413351e336842e08898

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 132
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 stats Show response
medianewsgroup.blueconic.net/rest/recommendations/LB-Zone-2/ 14 B
370 B 129ms
123ms Script
text/javascript 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

https://medianewsgroup.blueconic.net/rest/recommendations/LB-Zone-2/stats?storeId=eb3cd944-53e0-47a9-a944-d4cdf9677a5e&action=view&itemId=4427044&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F&profileId=088f6758-2659-45ad-9fbe-4efdcabbfaba&isEntrypage=true&hash=a640cfa1814ae5de7ae5d610e88c37d6&lastmodified=1611493201000&referer=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&bcsessionid=088f6758-2659-45ad-9fbe-4efdcabbfaba&bctempid=&overruleReferrer=&time=2021-01-25T13%3A04%3A05%2B01%3A00&callback=bc_json255

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

d8367202cbdf6d9122d43ac2b69a31aca40c9b5a9219894891a78f5fd63898ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
content-type: text/javascript;charset=utf-8
content-length: 34
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 237 B
542 B 126ms
126ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

c9afd43fdd55149ce4095d4755bc6f9c18148b9823ff0bdb8719920e9b3689e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 135
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 TDP-L-kondofamily012221-cha-225.jpg
www.denverpost.com/wp-content/uploads/2021/01/ 174 KB
174 KB 678ms
675ms Image
image/webp 192.0.66.2
AUTOMATTIC

General

Check archive.org

Download Go to Show image

Full URL

https://www.denverpost.com/wp-content/uploads/2021/01/TDP-L-kondofamily012221-cha-225.jpg?w=862

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.66.2 San Francisco, United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

1e4805959cfd7ddb635dc0336bc4fdcf74ec90cde0eca240efd081c2935ba629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;includeSubdomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
x-rq: mxp2 109 196 443
last-modified: Mon, 25 Jan 2021 12:04:06 GMT
server: nginx
etag: "d052d6d3ee8c7fe1"
vary: Accept
x-cache: MISS
content-type: image/webp
cache-control: max-age=2592000
strict-transport-security: max-age=31536000;includeSubdomains
accept-ranges: bytes
content-length: 178216
expires: Tue, 25 Jan 2022 12:04:06 GMT

OPTIONS
H2 200 4427044
api-2-0.spot.im/v1.0.0/config/ab_test/sp_sXPv48AD/ Frame 0
0 124ms
123ms Other 72.247.178.11
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_sXPv48AD/4427044
Protocol: H2
Server: 72.247.178.11 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-178-11.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type,x-spotim-device-uuid,x-spotim-page-view-id
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-length: 0
server: fasthttp
access-control-allow-origin: https://www.denverpost.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-max-age: 86400
date: Mon, 25 Jan 2021 12:04:05 GMT

GET
H2 200 4427044 Show response
api-2-0.spot.im/v1.0.0/config/ab_test/sp_sXPv48AD/ 88 B
753 B 129ms
127ms Fetch
application/json 72.247.178.11
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://api-2-0.spot.im/v1.0.0/config/ab_test/sp_sXPv48AD/4427044
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.11 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a72-247-178-11.deploy.static.akamaitechnologies.com
Software: fasthttp /
Resource Hash: 5ed23f980d797bea902aa18ce23428b78abaed0a34a8b812399f18e8f37b2aa7

Request headers

Accept: application/json
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
x-spotim-page-view-id: 3b9b316f-5e6b-4209-839f-60aba3af416f
Content-Type: application/json
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
x-spotim-device-uuid: 1a795440-2682-4280-9d43-af90eb395eb6

Response headers

date: Mon, 25 Jan 2021 12:04:05 GMT
server: fasthttp
access-control-max-age: 86400
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
access-control-expose-headers: x-spotim-token, x-spotim-networkid, x-access-token, x-openweb-token, x-spotim-device-v2, x-spotim-device-uuid
access-control-allow-credentials: true
access-control-allow-headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-openweb-token,x-spotim-page-view-id, x-spotim-device-v2, x-spotim-device-uuid, x-real-user-mode,x-auth-version,x-spotim-networkid
content-length: 88
x-request-id: 6c108bee-5f05-11eb-8467-9afa56d99bb5

GET
H2 200 conversation.svg
static-cdn.spot.im/production/launcher/tags/v2.46.7/launcher/ 2 KB
1004 B 57ms
9ms Image
image/svg+xml 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://static-cdn.spot.im/production/launcher/tags/v2.46.7/launcher/conversation.svg
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e175230f4b01fe10db90b19b9893d3ee21f6cca46da1aca166983aff7ff6fc7d

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: gV.Y.Wtx5ZtXhTliH6EjCUILQ3JCHbzL
content-encoding: gzip
last-modified: Thu, 14 Jan 2021 08:50:11 GMT
server: AmazonS3
x-amz-cf-pop: EWR53-C2
etag: W/"199fb22f13e905d1f34cf988659ea4d0"
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31622400
date: Mon, 25 Jan 2021 12:04:05 GMT
content-length: 681
x-amz-cf-id: 3QyAxqSUrIt1zFDgUCsEHZVWOAH11pqANWpgsANwKLjfHX0a9Hw-bw==
expires: Wed, 26 Jan 2022 12:04:05 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1011 B 15ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:09:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 3296
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:09:09 GMT

GET
H/1.1 200
OK atrk.gif
certify.alexametrics.com/ 43 B
552 B 166ms
50ms Image
image/gif 13.224.102.21
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://certify.alexametrics.com/atrk.gif?frame_height=1200&frame_width=1600&iframe=0&title=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&time=1611576245698&time_zone_offset=-60&screen_params=1600x1200x24&java_enabled=0&cookie_enabled=1&ref_url=&host_url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&random_number=14654947879&sess_cookie=f9d33589177396dfdc018444746&sess_cookie_flag=1&user_cookie=f9d33589177396dfdc018444746&user_cookie_flag=1&dynamic=true&domain=denverpost.com&account=NJsqn1QolK10uW&jsv=20130128&user_lang=en-US
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.102.21 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-102-21.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 14:51:43 GMT
Via: 1.1 376bac901e689131d2a41914df1245d9.cloudfront.net (CloudFront)
Last-Modified: Mon, 17 Jan 2011 20:41:40 GMT
Server: AmazonS3
Age: 76342
ETag: "221d8352905f2c38b3cb2bd191d630b0"
X-Cache: Hit from cloudfront
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
X-Amz-Cf-Pop: ZRH50-C1
x-amz-meta-alexa-last-modified: 20110117123941
Content-Length: 43
X-Amz-Cf-Id: BiKfjhiGTwn6ltf2j_3FchkwQsp7cxdazJkHfuexyIesgP0tJWM3UA==

GET
H2 200 getIds Show response
s1.listrakbi.com/tUxHTINGb1zW/session/ 175 B
1 KB 396ms
111ms Script
application/x-javascript 52.207.51.121
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://s1.listrakbi.com/tUxHTINGb1zW/session/getIds?callback=ltkCallback4326&gsid=&_sid=&_tid=&ps=null&dps=true
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.51.121 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: 6fda9f9bd1fd7d841d00a5a81f0c3c1ead0a1aa207dcc4fc46fb7a0c990aeb7f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:06 GMT
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="/w3c/p3p.xml", CP="CAO DSP COR CURa ADMa DEVa TAIa OUR BUS IND PHY ONL UNI COM NAV INT DEM CNT PRE LOC"
cache-control: no-cache
content-type: application/x-javascript; charset=utf-8
content-length: 175
expires: -1

GET
H2 200 tUxHTINGb1zW.js Show response
onescript-recscont.listrakbi.com/ 2 KB
2 KB 375ms
113ms Script
text/javascript 54.160.201.253
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://onescript-recscont.listrakbi.com/tUxHTINGb1zW.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.160.201.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx/1.17.3 / ASP.NET
Resource Hash: 6a52dd58d7afae1b6bb657cbe920e39e8bad4b789b9f7a726bb499ffa34c966b

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
cache-control: max-age=300
server: nginx/1.17.3
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 2040
content-type: text/javascript; charset=utf-8

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame FCA4 0
0 44ms
42ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=67219
Expires: Tue, 26 Jan 2021 06:44:24 GMT
Date: Mon, 25 Jan 2021 12:04:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set usermatch
ssum.casalemedia.com/ Frame FF95
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1

0
0

94ms
80ms

Document
text/html

23.210.249.164
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YA6zth9ecbKm9n04YCI.UwAA; CMPS=1132
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1551
Expires: Mon, 25 Jan 2021 12:04:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YA6zth9ecbKm9n04YCI.UwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT CMRUM3=dd600eb3b627600&b0600eb3b605a00&82600eb3b6a8c0&bc600eb3b605a00&2d600eb3b605a0&f1600eb3b605a00&e6600eb3b627600&27600eb3b60b40;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT CMST=YA6ztmAOs7YA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 26 Jan 2021 12:04:06 GMT

Redirect headers

Server: Apache
Content-Length: 321
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 25 Jan 2021 12:04:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YA6zth9ecbKm9n04YCI.UwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame A948
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

0
0

156ms
51ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set csync
sync.spotim.market/ Frame 01FE
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent

0
0

1164ms
439ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: sync.spotim.market
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: VertaMedia 1.0
Date: Mon, 25 Jan 2021 12:04:06 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=f733ec11e7298161; expires=Sun, 28 Mar 2021 12:04:06 GMT; domain=.spotim.market; path=/; secure; SameSite=None a309017=no-consent; expires=Sun, 28 Mar 2021 12:04:06 GMT; domain=.spotim.market; path=/; secure; SameSite=None

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
content-length: 0
date: Mon, 25 Jan 2021 12:04:05 GMT
server: AC1.1

GET
H2 200 ad-choises.png
publisher-assets.spot.im/yad/ 4 KB
4 KB 191ms
42ms Image
image/png 72.247.178.42
AKAMAI-ASN1

General

Check archive.org

Download Go to Show image

Full URL: https://publisher-assets.spot.im/yad/ad-choises.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.42 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
content-encoding: gzip
last-modified: Mon, 02 Jul 2018 15:08:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
etag: "643378ef8a85df26380de21f9beb58ba"
vary: Accept-Encoding
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=31622400
accept-ranges: bytes
content-length: 4191
x-amz-cf-id: 7BrNjGjobt58rKc7O4jft8XRBZLplsx93kmbZLzKZ1AfYLRF8C2BDQ==
expires: Wed, 26 Jan 2022 12:04:06 GMT

GET
H2 200 vendors~main-chunk.js Show response
static-cdn.spot.im/production/ads/tags/v15.13.0/ads/ 55 KB
15 KB 12ms
12ms Script
application/javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v15.13.0/ads/vendors~main-chunk.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: fasthttp /
Resource Hash: b1b87559ce34030ea79b41e9b7e03c709aa204d626d2a84af70e166e0c85ae32

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: br
server: fasthttp
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 15314
expires: Wed, 26 Jan 2022 12:04:05 GMT

GET
H2 200 main-chunk.js Show response
static-cdn.spot.im/production/ads/tags/v15.13.0/ads/ 26 KB
7 KB 12ms
8ms Script
application/javascript 2a02:26f0:6c00::210:ba20
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://static-cdn.spot.im/production/ads/tags/v15.13.0/ads/main-chunk.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba20 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: fasthttp /
Resource Hash: f4273d1ea3b52e8569b674627874e66e4807ae16e7eb16ac770863a68d23753f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:05 GMT
content-encoding: br
server: fasthttp
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31622400
content-length: 7380
expires: Wed, 26 Jan 2022 12:04:05 GMT

GET
H/1.1

200
OK

csync
sync.spotim.market/
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D271858%26extuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.spotim.market%252Fcsync%253Ft%253Da%2526ep%253D271858%2526extuid%253D%2524UID
https://sync.spotim.market/csync?t=a&ep=271858&extuid=8096477413580383358

86 B
526 B

495ms
427ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.spotim.market/csync?t=a&ep=271858&extuid=8096477413580383358
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:08 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:08 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 732.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.72:80
AN-X-Request-Uuid: 98249c44-5975-4532-8595-37fc2272e0ce
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.spotim.market/csync?t=a&ep=271858&extuid=8096477413580383358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?source=211945
https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6c407d96-5f05-11eb-b8aa-16821cb21d06

0
588 B

106ms
42ms

Image
text/plain

185.94.180.126
SPOTX-AMS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?source=211945&__user_check__=1&sync_id=6c407d96-5f05-11eb-b8aa-16821cb21d06
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience Dsp sync Priority Sync endpoint Source ID is not on enabled source whitelist
Date: Mon, 25 Jan 2021 12:04:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 70
Connection: keep-alive
Content-Length: 0

Redirect headers

Date: Mon, 25 Jan 2021 12:04:06 GMT
Server: nginx
Location: /partner?source=211945&__user_check__=1&sync_id=6c407d96-5f05-11eb-b8aa-16821cb21d06
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 60
Connection: keep-alive
Content-Length: 0

GET
H2

204

sync
pixel.advertising.com/ups/58196/
Redirect Chain

https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true
https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true

0
124 B

94ms
81ms

Image
text/plain

52.28.239.147
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL

https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.28.239.147 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-28-239-147.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:07 GMT
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/58196/sync?&gdpr=&gdpr_consent=&redir=true&verify=true
date: Mon, 25 Jan 2021 12:04:06 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20
https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6c4e1f32-5f05...

43 B
608 B

96ms
81ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6c4e1f32-5f05-11eb-9907-14684a3a4706
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-spotx-halt-type: Audience DSP sync endpoint was unable to cookie the audience.
Date: Mon, 25 Jan 2021 12:04:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 127
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 25 Jan 2021 12:04:06 GMT
Server: nginx
Location: /partner?adv_id=8721&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%2F%3Ft%3Da%26ep%3D301276%26extuid%3D%24SPOTX_USER_ID%20&__user_check__=1&sync_id=6c4e1f32-5f05-11eb-9907-14684a3a4706
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 117
Connection: keep-alive
Content-Length: 0

GET
H2 451 710530.gif
di.rlcdn.com/ 0
42 B 143ms
53ms Image
text/plain 34.120.207.148
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://di.rlcdn.com/710530.gif
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.207.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 148.207.120.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7EE4 0
0 162ms
83ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156758&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=67218
Expires: Tue, 26 Jan 2021 06:44:24 GMT
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1

200
OK

Cookie set usermatch
ssum.casalemedia.com/ Frame 75B6
Redirect Chain

https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D
https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1

0
0

67ms
65ms

Document
text/html

23.210.249.164
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.164 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-164.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash

Request headers

Host: ssum.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMPS=1132; CMID=YA6zth9ecbKm9n04YCI.UwAA; CMPRO=1176; CMRUM3=dd600eb3b627600&b0600eb3b605a00&82600eb3b6a8c0&bc600eb3b605a00&2d600eb3b605a0&f1600eb3b605a00&e6600eb3b627600&27600eb3b60b40; CMST=YA6ztmAOs7YA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: Apache
Content-Type: text/html
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1576
Expires: Mon, 25 Jan 2021 12:04:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YA6zth9ecbKm9n04YCI.UwAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT CMPRO=1176;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT CMRUM3=27600eb3b60b40&41600eb3b605a0&6f600eb3b605a0&2d600eb3b605a0&03600eb3b605a0&bc600eb3b605a00&dd600eb3b627600&49600eb3b605a00&08600eb3b605a00&58600eb3b605a0&f1600eb3b605a00&e6600eb3b627600&ce600eb3b605a00&2e600eb3b605a0&82600eb3b6a8c0&b0600eb3b605a00;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT

Redirect headers

Server: Apache
Content-Length: 321
Content-Type: text/html; charset=iso-8859-1
Location: https://ssum.casalemedia.com/usermatch?s=190532&cb=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D301804%26extuid%3D&C=1
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Expires: Mon, 25 Jan 2021 12:04:06 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Set-Cookie: CMID=YA6ztsa-rIyQn7N1Fw8tNAAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Tue, 25 Jan 2022 12:04:06 GMT CMPS=1132;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sun, 25 Apr 2021 12:04:06 GMT

GET
H/1.1

200
OK

usync.html
eus.rubiconproject.com/ Frame 3E36
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17184&endpoint=us-east
https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east

0
0

78ms
48ms

Document
text/html

104.108.50.124
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.50.124 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-50-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Mon, 28 Sep 2020 17:02:39 GMT
ETag: "4000c-123-5b062a240e9c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 238
Content-Type: text/html; charset=UTF-8
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=17184&endpoint=us-east
Date: Mon, 25 Jan 2021 12:04:06 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set csync
sync.spotim.market/ Frame 5C2B
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=117&redir=https%3A%2F%2Fsync.spotim.market%2Fcsync%3Ft%3Da%26ep%3D309017%26extuid%3D%7BuserId%7D
https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent

0
0

1147ms
194ms

Document
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Download Go to

Full URL: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash

Request headers

Host: sync.spotim.market
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Server: VertaMedia 1.0
Date: Mon, 25 Jan 2021 12:04:06 GMT
Content-Type: image/gif
Content-Length: 86
Cache-Control: no-cache, no-store, must-revalidate
Set-Cookie: vmuid=f733ec11e7298161; expires=Sun, 28 Mar 2021 12:04:07 GMT; domain=.spotim.market; path=/; secure; SameSite=None a309017=no-consent; expires=Sun, 28 Mar 2021 12:04:07 GMT; domain=.spotim.market; path=/; secure; SameSite=None

Redirect headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://sync.spotim.market/csync?t=a&ep=309017&extuid=no-consent
content-length: 0
date: Mon, 25 Jan 2021 12:04:06 GMT
server: AC1.1

GET
H2 200 331892897543876 Show response
connect.facebook.net/signals/config/ 233 KB
67 KB 31ms
27ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://connect.facebook.net/signals/config/331892897543876?v=2.9.33&r=stable

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c3cf6b27b670f815b99dd0213928c7cb69f4af0a50e237e24e1c2b0b7b0d88f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 68601
x-fb-rlafr: 0
pragma: public
x-fb-debug: G3XiBO7e92Y0s9njMRgibfGFjefEAHkiCFAmXXHEtJkizXcwknKVsrh3XjE7qNXUrv0BNBmDVUrT7kt3JDZeKg==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 25 Jan 2021 12:04:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 2025786094
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 / Show response
geo.rlcdn.com/ 123 B
350 B 200ms
172ms Fetch
application/json 2a00:1450:4001:819::2013
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://geo.rlcdn.com/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:819::2013 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 5d2224ca29d8b6f9b56bff863843287704ffbbc80c9db432229b19e8c803054c

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
content-encoding: gzip
etag: W/"7b-Of9lGuGNqyN/OETvdyNe5EiL6jk"
server: Google Frontend
x-powered-by: Express
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-cloud-trace-context: 7c28082e742bfb8a032c60b500a0778f
cache-control: private
content-length: 134

GET
H2 200 anchor
www.google.com/recaptcha/api2/ Frame 13D0 0
0 43ms
41ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cuZGVudmVycG9zdC5jb206NDQz&hl=en&type=image&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=su2nudakm7a

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jxZCr49x6cl9+ZuqSrXxOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&co=aHR0cHM6Ly93d3cuZGVudmVycG9zdC5jb206NDQz&hl=en&type=image&v=_KUxfxvAoJ4k7SaKyLbja4Mi&theme=light&size=normal&cb=su2nudakm7a
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 25 Jan 2021 12:04:06 GMT
content-security-policy: script-src 'report-sample' 'nonce-jxZCr49x6cl9+ZuqSrXxOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 11408
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame EE0F 0
0 195ms
182ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss_7iob0l7JQepert1vQPC1ffytgYvdnFBI9HjKHrRm3K9btGACjkZnIzZtQe54Jx4xoxPdZZNcKJ_fmNraN8u8pD9lktAyT0iNuenxsmqRKaDjdCTO-8kOb4Nzuoktf2ccr17p64iVOi53KbC0WVLKdHzcTSF0qrU8795jVRY8zgx6G5vp46mhuwvanyzu3s40oa0U7sK08Hl4lYnxPe2g2HJbpBnpgY2R-k_kg2wFZRNpehCRp2l-AiDU09gpExaCe7vuWqqHN_TbR7-m1cbozklM3o_AE4qf60Hrj7jIs9oEV3waObx6onM&sig=Cg0ArKJSzMiZwoaPuJG4EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/ Frame EE0F 18 KB
7 KB 183ms
170ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

369a0a9bee9bcd21bd53660799900a66ebbd0a279919b0e2028440d4be7ee64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7335
x-xss-protection: 0
server: cafe
etag: 3078594226291102177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Feb 2021 10:34:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/ Frame EE0F 3 KB
2 KB 193ms
166ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

76dabcd9465d05cf69f06551b55987cf87b3e0aaa6de109158207c4be55143c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72529
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 15947938921440589920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Feb 2021 15:55:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EE0F 107 KB
33 KB 56ms
32ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2db0db0492984419389e4bfeca236bbbe527cd3ffcd626fab71d156a3b8a3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319194490518"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33685
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:06 GMT

GET
H3-Q050 200 10909995965095651102
tpc.googlesyndication.com/simgad/ Frame EE0F 87 KB
87 KB 34ms
8ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/10909995965095651102

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

77eed0056cd7e2c43bfc9c23198628c4a0a396807feb3e97e6b8958d4e25aec1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 23:08:17 GMT
x-content-type-options: nosniff
age: 46549
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 89256
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:22:37 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 24 Jan 2022 23:08:17 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 74ms
72ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:06 GMT

GET
H2 200 t8y9347t.min.css
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 286 KB
27 KB 72ms
15ms Stylesheet
text/css 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?v=20201027.3
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F69) /
Resource Hash: d55ea5e4e837c0fc271ecc5fa3500b8d6c283bef9fcea0e1c9f58e5249568fc3

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:07 GMT
content-encoding: gzip
content-md5: pOauzKqPs9xPi3YtznkwhQ==
age: 41940
x-cache: HIT
content-length: 27264
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:07 GMT
server: ECAcc (frc/8F69)
etag: 0x8D88BAEBC77D14E
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 9325a587-f01e-005a-57b0-f220fe000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 119 B
534 B 114ms
112ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

285c8bfcdd64cef21a9fec68980705eb4bd8116beeb8764deafbeaf5cecbe384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 127
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 2676
date: Mon, 25 Jan 2021 11:19:31 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Mon, 25 Jan 2021 13:19:31 GMT

GET
H/1.1 200
OK esf.js Show response
d2lv4zbk7v5f93.cloudfront.net/ 223 KB
42 KB 271ms
88ms Script
application/javascript 13.225.84.48
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d2lv4zbk7v5f93.cloudfront.net/esf.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.84.48 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 23:36:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 06 Feb 2018 14:39:56 GMT
Server: AmazonS3
Age: 44860
ETag: "e817b0f323fb2559fcb2e5701865527a"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f8fe53d5464b299529d281799da8de30.cloudfront.net (CloudFront)
Connection: keep-alive
X-Amz-Cf-Pop: FRA2-C2
Accept-Ranges: bytes
Content-Length: 42771
X-Amz-Cf-Id: qQRPG4XWQQUqBTGlSaYDqEjhrmdSQrDFl0R36lXNQ1vBR3Ectc5dyg==

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 4 KB
3 KB 126ms
120ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

abd7f3961a0bbdfd9823fa142302d437c7181f22b58864f98b01d932f5f8684b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 2000
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 hb_270443_140.js Show response
player.spotim.market/prebidlink/447660/ Frame 001A 306 KB
97 KB 288ms
154ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b7ad0804b9b70dc7ce4fe127a9eacad4a75d7918759ce8d47a88bf574b0a2ed5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 15:27:32 GMT
server: nginx
etag: W/"5ffdbfe4-4c9b0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 Jan 2021 13:04:08 GMT
cache-control: max-age=3600
x-proxy-cache: MISS

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 001A 55 KB
19 KB 82ms
75ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

10d066d09cf27504d732f13d784528bddcc63629bb8c2b6c23ed3fae1c090310

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "764 / 816 of 1000 / last-modified: 1611571202"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18907
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:08 GMT

GET
H2 200 wrapper_hb_270443_140.js Show response
player.spotim.market/prebidlink/447660/ Frame 001A 167 KB
28 KB 346ms
238ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1dce75d4e25bcc1fcc55050c2aabfe460464f05e90f67f1cefe3fb54fb012309

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 10:02:26 GMT
server: nginx
etag: W/"600e9732-29d1b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 Jan 2021 13:04:08 GMT
cache-control: max-age=3600
x-proxy-cache: MISS

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 4 KB
2 KB 121ms
121ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

68db56694a535862ad3cf1a48b77e46792eebc2a8fb5de03536af5225c3872c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 1999
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 hb_270443_140.js Show response
player.spotim.market/prebidlink/447660/ Frame 0688 306 KB
97 KB 619ms
556ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: b7ad0804b9b70dc7ce4fe127a9eacad4a75d7918759ce8d47a88bf574b0a2ed5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
last-modified: Tue, 12 Jan 2021 15:27:32 GMT
server: nginx
etag: W/"5ffdbfe4-4c9b0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 Jan 2021 13:04:08 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 0688 55 KB
19 KB 161ms
160ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

0895b9bcff73ef694de9672ecceaad056b04b4d6381428d1a7ca79c08f5b56ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "764 / 266 of 1000 / last-modified: 1611571202"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18841
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:08 GMT

GET
H2 200 wrapper_hb_270443_140.js Show response
player.spotim.market/prebidlink/447660/ Frame 0688 167 KB
28 KB 638ms
575ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1dce75d4e25bcc1fcc55050c2aabfe460464f05e90f67f1cefe3fb54fb012309

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 10:02:26 GMT
server: nginx
etag: W/"600e9732-29d1b"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Mon, 25 Jan 2021 13:04:08 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame F5B4 0
0 70ms
54ms Fetch
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssBwrs6K9w_3jfUFTNfcRa8o8MYQhze26WJhHzzm3lWbi6AWPF6fhsK4Ke6Z5ErccSmnKrsSSysp3ycLK3Bd_OGasckuDlAMN2sKXtkbFj_Dzh5iV6hT5NMqx-8nswltDuMAYZyOadCKugY81Iu6H_IqHxLMtoAec3gw03CxVupuTdHjuhJg39s_2XDf8eAYknh4zJgnceQy3yVONHP5jjcYwajJwTp4IadD4GfKV_-PYYzZ3xs8r3CnzThDuQwATbHtnLxUvyJr2ONXb5mBnBKuQy1JSD4Kg4mpF4Q3KUstX1ox_DNoyPdbpQ&sig=Cg0ArKJSzEFaD4Ehsz2xEAE&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/ Frame F5B4 18 KB
7 KB 19ms
7ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/abg_lite_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

369a0a9bee9bcd21bd53660799900a66ebbd0a279919b0e2028440d4be7ee64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:54:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 550
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7335
x-xss-protection: 0
server: cafe
etag: 3078594226291102177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Feb 2021 11:54:58 GMT

GET
H2 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/ Frame F5B4 3 KB
2 KB 22ms
9ms Script
text/javascript 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/window_focus_fy2019.js

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

76dabcd9465d05cf69f06551b55987cf87b3e0aaa6de109158207c4be55143c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 21:55:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 50918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 15947938921440589920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Feb 2021 21:55:30 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F5B4 107 KB
33 KB 46ms
44ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2db0db0492984419389e4bfeca236bbbe527cd3ffcd626fab71d156a3b8a3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319194490518"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33685
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:08 GMT

GET
H2 200 18310848917609845678
tpc.googlesyndication.com/simgad/ Frame F5B4 68 KB
68 KB 11ms
9ms Image
image/png 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18310848917609845678

Requested by

Host: scripts.webcontentassessor.com
URL: https://scripts.webcontentassessor.com/scripts/9d67f9eb2b6f2363971f073a76a50f6b264d1941d6a40bae000c2ca9b8f920a4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

814aeb7e502572c5bd7a51b23b2e6a71c86cffb040621c4fa7dfe11f4a9d4499

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 19:26:03 GMT
x-content-type-options: nosniff
age: 146285
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69583
x-xss-protection: 0
last-modified: Thu, 04 Jun 2020 13:23:18 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jan 2022 19:26:03 GMT

GET
H2 200 serverComponent.php Show response
nexus.ensighten.com/choozle/2867/ 500 B
642 B 130ms
130ms Script
text/javascript 3.17.209.243
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/choozle/2867/serverComponent.php?r=4002257.2294123424&ClientID=923&PageID=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.17.209.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 60e23c4314a7ee70ef63dea783dbd82bdec94cb16e7b2f9f16cd87d69eddb1c4

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:08 GMT
cache-control: no-cache, no-store
server: nginx
content-type: text/javascript
content-length: 500
expires: Mon, 25 Jan 2021 12:04:07 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 4 KB
1 KB 211ms
193ms XHR
application/json 2a02:26f0:6c00:19a::11a6
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=TWTC4-NWJAU-FVVAU-VQNPU-LATGK&d=www.denverpost.com&t=5371921&v=1.720.0&sl=0&si=8c963fdf-0abe-45f4-a6de-cd765a3082c1-qnho6n&plugins=ConfigOverride,Continuity,PageParams,IFrameDelay,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,CrossDomain,BW,PaintTiming,NavigationTiming,ResourceTiming,Memory,CACHE_RELOAD,Errors,TPAnalytics,UserTiming,Akamai,Early,EventTiming,LOGN&acao=
Requested by: Host: s.go-mpulse.net
URL: https://s.go-mpulse.net/boomerang/TWTC4-NWJAU-FVVAU-VQNPU-LATGK
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:19a::11a6 , Ascension Island, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 9529e4846128a014cca063f29a81415d01e1c326cfb81969f0d517db5b7e320f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 921

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 3399ms
134ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDc4ODkyNDg2NSIsImVidXkiOiIyMzg1MDczNDI2IiwiZWFkdiI6IjQ2MTg4NDU3NzIiLCJlY2lkIjoiMTM4MzEzMzM0OTQ1IiwiZWVudiI6ImoiLCJlcGlkIjoiNTM0NjEwOTQiLCJlc2lkIjoiNTM0NjA4NTQifQ&tv=js-3.0.112&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=14&tvcfg=wp&tid=898daf99-5da2-4d1e-99c8-a52e5b8e00a3&pid=add01440-71e6-43d5-8107-29f4f47668bd&dtm=1611576248786&qnm=_matherq&visible=1&tabid=f215b869-0607-4f02-a786-9b1c0bbbd1cf&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vp=1600x1200&ds=1600x11730&tofa=1611576249&vid=1&lvidt=1611576249&duid=5187fbf830471ddc&fp=606422418&cid=ma23578&mrk=239876503
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:12 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame EE0F 214 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b35b2be4ec32c5e6207efcb232e5a61c1235a81e1a770c0467e24340c9b55415

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 23ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=331892897543876&ev=PageView&dl=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&rl=&if=false&ts=1611576249555&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&it=1611576246221&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 25 Jan 2021 12:04:09 GMT

GET
H2 200 view
pagead2.googlesyndication.com/pcs/ Frame EE0F 0
0 62ms
41ms Fetch
image/gif 2a00:1450:4001:819::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss5NQtYBe9eo9Z5XauSLG8cwS4DqSDSEqbGXI30Dlp3VGcpYhBRjJ3_8ZGyQ-gvhs5zmkc2bCdbkjXhzuzCZDtiM8ePnjPxcxo9EmHZ6Wwnawrd8hCvJoUxOxIw491cYrzxCt2ETQVAWYd5Mj-UOZ1Bq5o92okb0ZPzlR75upBnOr1ZG1aeulPhjomYhmEYsOUzLBzyGHycP2q4h5Qgz804jfD_hHuFxSxAp4BoPuOXVXrSdZkDYwTUsPTs772PYyrLe32pxHxzvf76c-v7Ei9jLuDEW_iI0vpMhhYUZIHa3dFQ5xMVC4KA2nVWIg&sig=Cg0ArKJSzElDQDNZ-iUZEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:09 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 bframe
www.google.com/recaptcha/api2/ Frame 2D2A 0
0 38ms
19ms Document
text/html 2a00:1450:4001:820::2004
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=quvhcyeya22h

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MDF+c0qzY+vrNJBDMqKJYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/bframe?hl=en&v=_KUxfxvAoJ4k7SaKyLbja4Mi&k=6LdkxKQUAAAAACsHxmeRK-KlXl7MnOblfo6SbZ80&cb=quvhcyeya22h
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 25 Jan 2021 12:04:09 GMT
content-security-policy: script-src 'report-sample' 'nonce-MDF+c0qzY+vrNJBDMqKJYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1124
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ Frame F8B4 290 B
697 B 135ms
45ms Script
application/javascript 104.108.58.15
AKAMAI-AS

General

Check archive.org

Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js?cb=1611576249793
Requested by: Host: d2lv4zbk7v5f93.cloudfront.net
URL: https://d2lv4zbk7v5f93.cloudfront.net/esf.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.58.15 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-58-15.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Server: AmazonS3
x-amz-request-id: 58F91F709437393D
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=33164
Date: Mon, 25 Jan 2021 12:04:09 GMT
Connection: keep-alive
Content-Length: 290
x-amz-id-2: Phn5k+QjLByfMD8t9FT8zSNZWClJ3+nxhXLTY5wx/QecmQtaAvbMffypFSTaQAElH17cGsDf1yg=

GET
H2 200 ;ord=1611576249794
ad.doubleclick.net/ddm/ad/eeyfbwlryr/gshqhlf/ 43 B
619 B 612ms
165ms Image
image/gif 172.217.21.230
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/ad/eeyfbwlryr/gshqhlf/;ord=1611576249794?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.21.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s13-in-f6.1e100.net

Software

cafe /

Resource Hash

9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tUxHTINGb1zW Show response
at1.listrakbi.com/activity/ 111 B
702 B 340ms
117ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://at1.listrakbi.com/activity/tUxHTINGb1zW
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a36a064a814fccc47471689efa2d0828f15f5035210044696f4cc118f29e46a5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:10 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

POST
H2 200 LB-Zone-2 Show response
medianewsgroup.blueconic.net/DG/DEFAULT/rest/rpc/json/ 119 B
730 B 363ms
145ms XHR
application/json 34.225.175.99
AMAZON-AES

General

Check archive.org

Download Go to

Full URL

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/medianewsgroup.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.225.175.99 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

- /

Resource Hash

08687d88ebc422f13a006771c948ba493a429e7ca18cd21a53b8abc9c56d5fb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-robots-tag: noindex, nofollow
p3p: policyref="", CP="DSP"
access-control-allow-origin: https://www.denverpost.com
x-permitted-cross-domain-policies: master-only
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
content-length: 126
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 track
track1.aniview.com/ 0
71 B 1374ms
110ms Image
text/plain 52.1.162.64
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f8484a8cae1e34e567bdbdf&e=playerLoaded&cb=1611576249972&r=https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.162.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-162-64.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
H2 200 track
track1.aniview.com/ 0
70 B 1368ms
116ms Image
text/plain 52.1.162.64
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://track1.aniview.com/track?pid=5e0e296628a061270b21ccab&cid=5f327ef5712b6a63ae7736e5&e=playerLoaded&cb=1611576249980&r=https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.162.64 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-162-64.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0

GET
DATA 200
OK truncated
/ Frame F5B4 215 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 627c7e9b49b30fbb960cb98a768dea6a9bac5ef49579dd439bf9f277b0e3cb9f

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK / Show response
hb.spotim.market/geo/ Frame 0688 134 B
388 B 628ms
103ms XHR
application/json 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/geo/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a7cdda380c16b607ff32de8509e79209a1675b1e0a88643570040366249fcf8e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:10 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 134
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
hb.spotim.market/adunit/ Frame 0688 43 B
418 B 897ms
112ms XHR
image/gif 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=140&full_page_url=https%3A%2F%2Fwww.denverpost.com&adid=ciw0z0.ns&vpbv=0732&lifecycle_tte=3999
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:10 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 0688 153 KB
51 KB 40ms
13ms Script
text/javascript 2600:9000:2190:ec00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ec00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f036d54f7b60cd96d4ee3f09c04957c7ccd5140c1131f7b75d947c02da4b16

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:35:23 GMT
content-encoding: br
last-modified: Mon, 25 Jan 2021 11:30:29 GMT
server: AmazonS3
age: 1728
etag: W/"03367a0af1d2a5b3673a3558b45ab915"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WzAyxLI9BaIWiyKDHvjavnRocIA6M9aI
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: ZRH50-C1
content-type: text/javascript
x-amz-cf-id: Rq-rggPzc8_ktIG5CoArTJES09B3QfiygB72G7hjGKpibFeCge14Gw==

GET
H2 200 j.html
p.delivercdn.com/prebidlink/18652/ Frame 5EAB 0
0 181ms
44ms Document
text/html 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://p.delivercdn.com/prebidlink/18652/j.html?i=6864
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: p.delivercdn.com
:scheme: https
:path: /prebidlink/18652/j.html?i=6864
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

date: Mon, 25 Jan 2021 12:04:10 GMT
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 16 Sep 2020 14:50:15 GMT
etag: W/"5f622627-434"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 25 Jan 2021 13:04:10 GMT
access-control-allow-origin: *
x-proxy-cache: HIT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame EE0F 42 B
89 B 109ms
107ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssCezC7ovj66GwOXJbw8_JylZ-eMJWIUUFfcaHZWbhaxeZn5xhZKeu9IeKgF2pk_nxRUvseGCvZSkppZ-BQLRDctumEGa1_yWI54yYqwZA&sig=Cg0ArKJSzGuWaFAjScr2EAE&id=osdim&mcvt=1147&p=709,1138,959,1438&mtos=1147,1147,1147,1147,1147&tos=1147,0,0,0,0&v=20210122&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=3761832310&rs=4&met=mue&la=0&cr=0&osd=0&vs=4&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021012001.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 001A 273 KB
97 KB 932ms
140ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

d82439f1cc267511ad24334015165ee5a382a7e6ba8164d6de02404664be324a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Jan 2021 09:39:43 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98873
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:11 GMT

GET
H/1.1 200
OK / Show response
hb.spotim.market/geo/ Frame 001A 134 B
388 B 587ms
106ms XHR
application/json 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/geo/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: a7cdda380c16b607ff32de8509e79209a1675b1e0a88643570040366249fcf8e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:10 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 134
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
hb.spotim.market/adunit/ Frame 001A 43 B
418 B 931ms
106ms XHR
image/gif 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/tracking?event=11&type=0&client_id=270443&site_id=140&full_page_url=https%3A%2F%2Fwww.denverpost.com&adid=ciw119.ml&vpbv=0732&lifecycle_tte=4279
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:10 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 grumi.js Show response
rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/ Frame 001A 153 KB
51 KB 20ms
19ms Script
text/javascript 2600:9000:2190:ec00:4:b37b:9440:93a1
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://rumcdn.geoedge.be/35362513-af22-4abd-a2c3-bcf6c62814c8/grumi.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:ec00:4:b37b:9440:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90f036d54f7b60cd96d4ee3f09c04957c7ccd5140c1131f7b75d947c02da4b16

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 11:35:23 GMT
content-encoding: br
last-modified: Mon, 25 Jan 2021 11:30:29 GMT
server: AmazonS3
age: 1728
etag: W/"03367a0af1d2a5b3673a3558b45ab915"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: WzAyxLI9BaIWiyKDHvjavnRocIA6M9aI
via: 1.1 449f2b51e83bf8ba5fa5e65ce60bc277.cloudfront.net (CloudFront)
cache-control: public,max-age=1800,stale-while-revalidate=3600,immutable,must-revalidate
x-amz-cf-pop: ZRH50-C1
content-type: text/javascript
x-amz-cf-id: EHY6LqeZmermK12rxTOdubii1Emt8iSsJKNFJmOnnvWG5uyoWaAxhw==

GET
H2 200 j.html
p.kfmlax.com/prebidlink/18652/ Frame 9424 0
0 1171ms
46ms Document
text/html 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://p.kfmlax.com/prebidlink/18652/j.html?i=6967
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

:method: GET
:authority: p.kfmlax.com
:scheme: https
:path: /prebidlink/18652/j.html?i=6967
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
content-type: text/html; charset=utf-8
server: nginx
last-modified: Wed, 16 Sep 2020 14:50:15 GMT
etag: W/"5f622627-434"
cache-control: max-age=3600
content-encoding: gzip
expires: Mon, 25 Jan 2021 13:04:11 GMT
access-control-allow-origin: *

GET
H2 200 22ffdee66bcd4231ec3f4f8f22b7647a.js Show response
nexus.ensighten.com/choozle/2867/code/ 1 KB
867 B 3619ms
152ms Script
application/javascript 3.17.209.243
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/choozle/2867/code/22ffdee66bcd4231ec3f4f8f22b7647a.js?conditionId0=2887325&conditionId1=469797
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.17.209.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c764ba1ccecd6b069fa3af48c26616aa22fd6076413d7d3585172ca50df6af4

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:13 GMT
content-encoding: gzip
last-modified: Sat, 09 Jun 2018 23:37:40 GMT
server: nginx
etag: W/"5b1c64c4-5c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000

GET
H2 200 pubads_impl_2021011301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 0688 274 KB
97 KB 857ms
192ms Script
text/javascript 172.217.18.162
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s29-in-f2.1e100.net

Software

sffe /

Resource Hash

c5ba89766067fcb53558dff3208b4fe427dafacb18b42d9e748bb76fd9884c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Jan 2021 09:43:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99060
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:11 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
109 B 11ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarynGCkanb40fM0mnP3

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 25 Jan 2021 12:04:10 GMT
content-type: text/plain
access-control-allow-origin: https://www.denverpost.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame F5B4 0
0 389ms
389ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstzf89HMe2bq1XQlxNSUT3LJjeikbjEDh-WGPDkwWA3dGu2gYCXY-T5g1slEO9JpZOHN3Bzoz3UuF1O02EyN4tV9WmCwIU5Zdy3AcCUS_bLDVtxukugRY_wozi2exOP8XWRVLrmZAXdcvZnl1HGF30NEUgR6wlQ5gSilEU6hlS_LlvFm6r2x6DPHdk1SSKro0mVoS7WmY12hRKBc6jMH6yrBshdZKf93vUJcz2wo3FuD5tdlE8QO9UnJJm2fmdwptc0N9sNMDAGr35-V_sXLKbzGpcBRchlfCmwUhCBj2Qw8cpM7Vt02AM7wAA_BA&sig=Cg0ArKJSzDHzpvXJDw4AEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:10 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 203812f962cdac28cda2020bc8088b55.js Show response
nexus.ensighten.com/choozle/2867/code/ 261 B
443 B 3449ms
153ms Script
application/javascript 3.17.209.243
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://nexus.ensighten.com/choozle/2867/code/203812f962cdac28cda2020bc8088b55.js?conditionId0=421905
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 3.17.209.243 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b003b4bb9f910d93e4f42f609cc96dff2fe12888d3caaf9dea8b17c6b0901c9a

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:13 GMT
last-modified: Sat, 09 Jun 2018 23:37:40 GMT
server: nginx
etag: "5b1c64c4-105"
content-type: application/javascript; charset=utf-8
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 261

OPTIONS
H/1.1 200
OK DENVERPRODWP
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ Frame 0
0 3672ms
149ms Other 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/DENVERPRODWP
Protocol: HTTP/1.1
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 12:04:14 GMT
Content-Length: 0

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 166 KB
49 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NFD2QGD&l=MG2DL

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

59b46a686e590a4543c08b260964e58877806d23668a959b4d2b46898e2a581a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:10 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49543
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:10 GMT

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 96ms
7ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FA5) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:11 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 904
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Fri, 23 Oct 2020 22:12:59 GMT
server: ECAcc (frc/8FA5)
etag: 0x8D877A0CD108633
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 40117bf1-601e-0015-7f10-f380d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 25 Jan 2021 12:34:11 GMT

GET
H/1.1 200
OK index.js Show response
d1wa9546y9kg0n.cloudfront.net/ 6 KB
7 KB 3226ms
54ms Script
application/x-javascript 13.224.89.182
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1wa9546y9kg0n.cloudfront.net/index.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.89.182 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-89-182.zrh50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Sun, 24 Jan 2021 21:22:44 GMT
Via: 1.1 110750d14d1d900cd5c76d0ac872f5dd.cloudfront.net (CloudFront)
Last-Modified: Tue, 23 Feb 2016 09:35:10 GMT
Server: AmazonS3
Age: 52891
ETag: "cf67eb51479caf3b57c3577a08b6a038"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: ZRH50-C1
Accept-Ranges: bytes
Content-Length: 6494
X-Amz-Cf-Id: NjFv9emF9-IYGLgZVXD3LgOl06rm6Fv9vq95EFp3HrpM1i4iZo67XQ==

GET
H/1.1 200
OK DENVERPRODWP Show response
prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/ 566 KB
150 KB 279ms
277ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/configuration/mapped/siteCode/DFM/configCode/DENVERPRODWP
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: deb10458d1857757ff3e3539a7f16c22125c8cac0fc88a541958228d841aecd0

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTE1OTA2NDd9.qJ8M7PGpM1hvMnfs4A9OmQ3clRsNpqiT90e3Chp2IDo
source-system: Plugin
site-code: DFM
autoqa: false
access-control-allow-origin: *
settingskey: PMP,DP
ssid: 89c257d2e77852a832423cffeaf46781
environment: prod
attr: DP
config-code: DENVERPRODWP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json
location: undefined
accept: application/json
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
version: Version: 2.5.4.1

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:14 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 152678
X-Server-Time: 1/25/2021 12:04:14 PM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H/1.1 200
OK ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 631 B
1 KB 7745ms
132ms Image
image/jpeg 52.217.98.4
AMAZON-02

General

Check archive.org

Download Go to Show image

Full URL: https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.98.4 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:19 GMT
Last-Modified: Tue, 15 Oct 2019 13:44:16 GMT
Server: AmazonS3
x-amz-request-id: 16CD7896DF259668
ETag: "ef2cc7f55b7ab677b023e36033e26471"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 631
x-amz-id-2: 40P8ArUdNxJCgDy8vLMSLJE0Pgwjp8o8SZcJp0kYrMrzjkLZi11XGj2wP72+oUZFngc+4x76J78=
x-amz-meta-s3b-last-modified: 20191015T134358Z

GET
H/1.1 200
OK csyncs Show response
hb.spotim.market/ Frame 0688 431 B
548 B 107ms
106ms XHR
application/json 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/csyncs?aid1=436894&aid2=537181&aid3=572165&aid4=573838
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 9793005511de088264cc93f17db86dc7f015180f3fd67ee584c956e2c3753598

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:11 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 255

GET
H/1.1 200
OK csyncs Show response
hb.spotim.market/ Frame 001A 431 B
548 B 105ms
104ms XHR
application/json 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/csyncs?aid1=436894&aid2=537181&aid3=572165&aid4=573838
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 9793005511de088264cc93f17db86dc7f015180f3fd67ee584c956e2c3753598

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:11 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 255

GET
H2 200 tUxHTINGb1zW Show response
at1.listrakbi.com/activity/ 111 B
708 B 110ms
110ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://at1.listrakbi.com/activity/tUxHTINGb1zW?vuid=29aa8191-6d01-4a75-a7a4-8ccab2ce502e&uid=90D39A1A-1746-4E95-88BC-CAC434D921CD&gsid=07f88e6d-9200-4a34-a6c8-1fc47e3fde54&_t_0=at&t_0=PageBrowse&k_0=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a36a064a814fccc47471689efa2d0828f15f5035210044696f4cc118f29e46a5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 tUxHTINGb1zW Show response
at1.listrakbi.com/activity/ 111 B
708 B 111ms
110ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://at1.listrakbi.com/activity/tUxHTINGb1zW?vuid=29aa8191-6d01-4a75-a7a4-8ccab2ce502e&uid=A4822478-61CD-4856-98B0-4CCB3BC573DC&gsid=07f88e6d-9200-4a34-a6c8-1fc47e3fde54&_t_0=at&t_0=Identification&k_0=3&_t_1=at&t_1=Identification&k_1=4&_t_2=at&t_2=Identification&k_2=5
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a36a064a814fccc47471689efa2d0828f15f5035210044696f4cc118f29e46a5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H2 200 tUxHTINGb1zW Show response
at1.listrakbi.com/activity/ 111 B
703 B 112ms
111ms Script
text/javascript 3.88.253.15
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://at1.listrakbi.com/activity/tUxHTINGb1zW?vuid=29aa8191-6d01-4a75-a7a4-8ccab2ce502e&uid=C379D5C0-424E-4EB2-8B75-338451D82058&gsid=07f88e6d-9200-4a34-a6c8-1fc47e3fde54&_t_0=at&t_0=ContentBrowse&k_0=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.88.253.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: a36a064a814fccc47471689efa2d0828f15f5035210044696f4cc118f29e46a5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: private
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-length: 111
content-type: text/javascript; charset=utf-8

GET
H/1.1

200
OK

csync
sync.ads.152media.com/ Frame 0688
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ads.152media.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID
https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358

86 B
532 B

910ms
428ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.133:80
AN-X-Request-Uuid: ba7bab7c-ff94-4d2f-88bd-45d5e52c128f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

csync
sync.ads.152media.com/ Frame 001A
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.ads.152media.com%2Fcsync%3Ft%3Da%26ep%3D285868%26extuid%3D%24UID
https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358

86 B
532 B

1065ms
187ms

Image
image/gif

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Download Go to Show image

Full URL: https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center _ColoCALL_, UA),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:13 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: VertaMedia 1.0
Content-Length: 86
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
X-Proxy-Origin: 82.102.19.136; 82.102.19.136; 725.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.221.68:80
AN-X-Request-Uuid: 8abbf767-a602-409c-bd16-d0c43bf113b4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://sync.ads.152media.com/csync?t=a&ep=285868&extuid=8096477413580383358
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279896/ Frame 001A 2 KB
1 KB 316ms
91ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.denverpost.com
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f8055ce309652266d3e3930cdb3b624fa03263a362e03976fd83bc6f7bdf9222

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jan 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 00:01:50 GMT
server: nginx
etag: W/"600e0a6e-866"
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
expires: Mon, 25 Jan 2021 13:04:12 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/279896/ Frame 0688 2 KB
1 KB 286ms
92ms XHR
application/json 213.174.135.1
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/279896/config.json?cb=https%3A%2F%2Fwww.denverpost.com
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.1 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: f8055ce309652266d3e3930cdb3b624fa03263a362e03976fd83bc6f7bdf9222

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 25 Jan 2021 12:04:12 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 00:01:50 GMT
server: nginx
etag: W/"600e0a6e-866"
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
expires: Mon, 25 Jan 2021 13:04:12 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST bid
ap.lijit.com/rtb/ Frame 001A 0
0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 001A 264 B
746 B 179ms
51ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=829892&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&rp_schain=1.0,1!spotim.market,sp_sXPv48AD,1,,,&rf=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&tk_flint=pbjs_lite_v4.15.0-pre&x_source.tid=8c0d6438-63b8-4981-938a-965fd6197e8a&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.9491205411832762
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 7ae1459d3342efa79e04c534cf0a447e0c2dc68b89bc8f94aa74943e3ff23d11

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.denverpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 001A 373 B
725 B 1230ms
129ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&SafeFrame=true&CanonicalUrl=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F&PublisherDomain=https%3A%2F%2Fwww.denverpost.com

Requested by

Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

bcef5f4b2cd26bcee39e750e042a629af71e04bd3f591bcdd75bf969d45bccbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:12 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.denverpost.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 89
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 373
expires: 0

GET cygnus
htlb.casalemedia.com/ Frame 001A 0
0

POST cdb
bidder.criteo.com/ Frame 001A 0
0

POST
H/1.1 200
OK / Show response
ghb.ads.152media.com/v2/auction/ Frame 001A 235 B
512 B 129ms
66ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.ads.152media.com/v2/auction/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 7b6ba525cf92a2c989611639dd4d593bb898b6a4028d1b385e28fac5a3baf69d

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jan 2021 12:04:11 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 219

POST prebid
lockerdome.com/ladbid/ Frame 001A 0
0

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=456b4f8926478d8;misc=1611576252064;gdpr=1;euconsent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA... Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ Frame 001A 48 B
81 B 418ms
396ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=456b4f8926478d8;misc=1611576252064;gdpr=1;euconsent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA;
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: f73eb3f58480204fb870966c8f80760bfed6205ea8d28f5774ece87037b5d49e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:12 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=46331e74a588dde;misc=1611576252064;gdpr=1;euconsent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA... Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/5242527/0/0/ Frame 001A 47 B
268 B 127ms
106ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/5242527/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=46331e74a588dde;misc=1611576252064;gdpr=1;euconsent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA;
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 3dc5abd42494c5478a3790a3721fd082077689db3e8a124921b01d0b48c58fa7

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:12 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 47
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 001A 0
180 B 655ms
164ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:12 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

GET arj
spot-im-d.openx.net/w/1.0/ Frame 001A 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 001A 0
62 B 1299ms
77ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:11 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ Frame 001A 121 B
390 B 37ms
36ms XHR
application/json 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: d16858f057b587a1f2c36ab965d15872711796ff79c2520fd84003fd8d303f2f

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:11 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 121
Content-Type: application/json; charset=UTF-8

POST prebid
ib.adnxs.com/ut/v3/ Frame 001A 0
0

GET
H2 200 i.js Show response
tag.wknd.ai/3994/ 28 KB
12 KB 218ms
136ms Script
text/plain 34.120.253.250
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tag.wknd.ai/3994/i.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: fasthttp /
Resource Hash: 6e551d131eeec66f83636c0c145ffffc17c1f360d7c983553e1d4b0040ff499e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:11 GMT
content-encoding: gzip
server: fasthttp
age: 1
etag: 25a7beb079e12c
content-type: text/plain; charset=utf-8
via: 1.1 google
cache-control: public, max-age=60
x-region: us-central1
timing-allow-origin: *
alt-svc: clear
content-length: 12024

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=408de8b343ded28;misc=1611576252224;gdpr=1;euconsent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA... Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ Frame 0688 48 B
81 B 132ms
130ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=408de8b343ded28;misc=1611576252224;gdpr=1;euconsent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA;
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: 8ae04937b6b02b73852788c552bc016bd0c8deaa219d39b935e03c30bce61b51

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:12 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

GET
H2 200 ADTECH;v=2;cmd=bid;cors=yes;alias=41ee0c1d8985882;misc=1611576252224;gdpr=1;euconsent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAA... Show response
adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ Frame 0688 48 B
81 B 135ms
134ms XHR
application/json 2606:2800:233:97b6:26be:138a:cba8:bb01
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://adserver-us.adtech.advertising.com/pubapi/3.0/11465.1/4850946/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=41ee0c1d8985882;misc=1611576252224;gdpr=1;euconsent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA;
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:97b6:26be:138a:cba8:bb01 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: Adtech Adserver /
Resource Hash: e4fb9ec457f5cd0e37f85568514d1554a70269c025f082921d24b851e55f175d

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:12 GMT
server: Adtech Adserver
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
content-length: 48
expires: Mon, 15 Jun 1998 00:00:00 GMT

POST
H2 204 bids Show response
prebid-us.creativecdn.com/bidder/prebid/ Frame 0688 0
180 B 498ms
165ms XHR
text/plain 185.184.10.30
RTB-HOUSE-ASH

General

Check archive.org

Download Go to

Full URL: https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS: ip-185-184-10-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:12 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST prebid
lockerdome.com/ladbid/ Frame 0688 0
0

POST bid
ap.lijit.com/rtb/ Frame 0688 0
0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 0688 0
118 B 1125ms
62ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:12 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H/1.1 200
OK / Show response
ghb.adtelligent.com/v2/auction/ Frame 0688 361 B
469 B 31ms
31ms XHR
application/json 2a0c:5c81:5052::2
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.adtelligent.com/v2/auction/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5052::2 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2b73fa1e440eb874bc2ad5cc05d82e19b7ee59a353e8013c7ec37e2916bdd8a5

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jan 2021 12:04:11 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 176

POST
H/1.1 200
OK / Show response
ghb.ads.152media.com/v2/auction/ Frame 0688 235 B
513 B 65ms
65ms XHR
application/json 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://ghb.ads.152media.com/v2/auction/
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696 , United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: cf6325a39372b1807ddab19a616181ec30db1eb8960ee8bf86d50cc92c1c60d8

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 25 Jan 2021 12:04:11 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 220

POST prebid
ib.adnxs.com/ut/v3/ Frame 0688 0
0

GET cygnus
htlb.casalemedia.com/ Frame 0688 0
0

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ Frame 0688 374 B
449 B 1064ms
156ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Download Go to

Full URL

Requested by

Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

bedd1d8dae422fb1a6366f3ab4f2f556bc61cba7171af40662ca80a710e14234

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:13 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.denverpost.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 116
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 374
expires: 0

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0688 264 B
746 B 56ms
55ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=829892&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&rp_schain=1.0,1!spotim.market,sp_sXPv48AD,1,,,&rf=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&tk_flint=pbjs_lite_v4.15.0-pre&x_source.tid=b65aa4a9-e360-41e5-9f42-de2f264176dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.022836094125957107
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: a933c89b2505034026bcb7ef5e61486c81fe28a4b1c55e893965e61d6a9cce1c

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.denverpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0688 264 B
746 B 112ms
53ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=163630&zone_id=785062&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&rp_schain=1.0,1!spotim.market,sp_sXPv48AD,1,,,&rf=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&tk_flint=pbjs_lite_v4.15.0-pre&x_source.tid=b65aa4a9-e360-41e5-9f42-de2f264176dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.7983325910387513
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: eee5613d4b9ac3edb6c2c077c33e5581ba17109038e562c907d0eb4b24f10e58

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.denverpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 264
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 0688 265 B
747 B 156ms
43ms XHR
application/json 69.173.144.141
RUBICONPROJECT

General

Check archive.org

Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17184&site_id=322812&zone_id=1676640&size_id=15&alt_size_ids=16%2C159&gdpr=1&gdpr_consent=CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&rp_schain=1.0,1!spotim.market,sp_sXPv48AD,1,,,&rf=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&tk_flint=pbjs_lite_v4.15.0-pre&x_source.tid=b65aa4a9-e360-41e5-9f42-de2f264176dd&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.4465908686774167
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.141 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: 26392c221bad1bf32478ca20c7565489e32074875f7ed72615be36cb56222872

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:12 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.denverpost.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Keep-Alive: timeout=5
Content-Length: 265
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST cdb
bidder.criteo.com/ Frame 0688 0
0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 116ms
109ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&wrdcnt=3039&sec=Business&ptype=article&cms=WP&chrcnt=18803&auth=Noelle%20Phillips%7CJoe%20Rubino&artupt=1611508002&artpubt=1611493201&artid=4427044&tv=js-3.0.112&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=14&tvcfg=wp&tid=80dd4714-57bf-44b8-b334-13bbbf24bab2&pid=add01440-71e6-43d5-8107-29f4f47668bd&dtm=1611576249385&qnm=_matherq&visible=1&tabid=f215b869-0607-4f02-a786-9b1c0bbbd1cf&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vp=1600x1200&ds=1600x11730&tofa=1611576249&vid=1&lvidt=1611576249&duid=5187fbf830471ddc&fp=606422418&cid=ma23578&mrk=239876503&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxMTU3NjIzOTE0NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzNi44NDQ1NjhtYiIsImhlYXBUIjoiNDkuNTA2NTI4bWIiLCJmc3RQYWludCI6IjI0NjQiLCJmZXRjaFMiOiIyMzQiLCJkb21haW5TIjoiMjQ3IiwiZG9tYWluRSI6IjI2MiIsImNvbm5TIjoiMjYyIiwiY29ubkUiOiIzNjEiLCJzc2xTIjoiMjkyIiwicmVxdVMiOiIzNjIiLCJyZXNwUyI6Ijc3MiIsInJlc3BFIjoiOTAzIiwiZG9tTG9hZCI6Ijc4NyIsImRvbUludGVyIjoiNTIxNyIsImRvbUxvYWRTIjoiNTMzOSIsImRvbUxvYWRFIjoiNTQ0MSJ9fQ
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:12 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 563 KB
137 KB 359ms
37ms Script
text/javascript 34.98.72.95
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ijs_all_modules_cjs_min_ac816a7913cd82f0864893a97a5ce5c5.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 2e826d9af287405ebd0dfd43fbd58f3ee502970bb3590771dbef0440d216806b

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 16:02:10 GMT
content-encoding: gzip
age: 331322
x-guploader-uploadid: ABg5-Uy3SIQW1aQJx-TGhYvVQ4MS-ci8f8nTa5Q4IhI0tVRamkry8lI4KzQT_Zhn2Gxm1ESwCVYnbRcjA-VYKnYP_mAP-9LfwQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: clear
content-length: 140035
last-modified: Thu, 21 Jan 2021 16:02:02 GMT
server: UploadServer
etag: "41e802c5a3a97d00e636d83710a15d7a"
vary: Accept-Encoding
x-goog-hash: crc32c=oFNUdg==, md5=QegCxaOpfQDmNtg3EKFdeg==
x-goog-generation: 1611244922279980
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 140035
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 21 Jan 2022 16:02:10 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 110ms
109ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDc4ODkyNDg2NSIsImVidXkiOiIyMzg1MDczNDI2IiwiZWFkdiI6IjQ2MTg4NDU3NzIiLCJlY2lkIjoiMTM4MzEzMzM1MTIyIiwiZWVudiI6ImoiLCJlcGlkIjoiNTM0NjEwOTQiLCJlc2lkIjoiNTM0NjA4NTQifQ&tv=js-3.0.112&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=14&tvcfg=wp&tid=16f19566-1d71-4f25-88ea-4914ebe35273&pid=add01440-71e6-43d5-8107-29f4f47668bd&dtm=1611576250075&qnm=_matherq&visible=1&tabid=f215b869-0607-4f02-a786-9b1c0bbbd1cf&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vp=1600x1200&ds=1600x11867&tofa=1611576249&vid=1&lvidt=1611576249&duid=5187fbf830471ddc&fp=606422418&cid=ma23578&mrk=239876503
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:12 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK / Show response
data.cdnbasket.net/ 57 B
406 B 312ms
126ms XHR
application/json 35.201.86.85
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://data.cdnbasket.net/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.201.86.85 , Ascension Island, ASN15169 (GOOGLE, US),
Reverse DNS: 85.86.201.35.bc.googleusercontent.com
Software: /
Resource Hash: e725f24120d6f9c0523d6dbf68876df32ffb2e17d08334beacdaac05d39e2977

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:13 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
page.cdnbasket.net/ 57 B
406 B 419ms
130ms XHR
application/json 130.211.19.253
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://page.cdnbasket.net/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 130.211.19.253 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 0d4b6a8f3b8e470fd5830f143130d580ef5919d1b8761cbda43702038892ab9e

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:13 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

GET
H/1.1 200
OK / Show response
view.cdnbasket.net/ 100 B
449 B 1420ms
130ms XHR
application/json 35.227.224.17
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://view.cdnbasket.net/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.227.224.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.224.227.35.bc.googleusercontent.com
Software: /
Resource Hash: 7265ff1176257749a6a740d77ba4ef758f675b8e606636baf8c4a1321331aad6

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:14 GMT
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Timing-Allow-Origin: *
Access-Control-Allow-Headers: Origin, Content-Type, Accept
Expires: 0

POST
H/1.1 204
No Content multitracking Show response
hb.spotim.market/adunit/ Frame 001A 0
209 B 104ms
103ms XHR
text/plain 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/multitracking
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:12 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H2 200 v2_270443_140.json Show response
player.spotim.market/prebidlink/2685960/ Frame 0688 130 KB
8 KB 133ms
43ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/2685960/v2_270443_140.json?cb=www.denverpost.com
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6eb37b20488927e3fcce743122c1922e6a87a2c6aa3be6c2d5a35e4615bb39a0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:13 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 10:02:26 GMT
server: nginx
etag: W/"600e9732-206bf"
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
expires: Mon, 25 Jan 2021 13:04:13 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H2 200 v2_270443_140.json Show response
player.spotim.market/prebidlink/2685960/ Frame 001A 130 KB
8 KB 74ms
70ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Download Go to

Full URL: https://player.spotim.market/prebidlink/2685960/v2_270443_140.json?cb=www.denverpost.com
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6eb37b20488927e3fcce743122c1922e6a87a2c6aa3be6c2d5a35e4615bb39a0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:13 GMT
content-encoding: gzip
last-modified: Mon, 25 Jan 2021 10:02:26 GMT
server: nginx
etag: W/"600e9732-206bf"
content-type: application/json
access-control-allow-origin: https://www.denverpost.com
expires: Mon, 25 Jan 2021 13:04:13 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

POST
H/1.1 204
No Content multitracking Show response
hb.spotim.market/adunit/ Frame 0688 0
209 B 111ms
111ms XHR
text/plain 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/multitracking
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:12 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

POST
H2 200 pixels
pix.spot.im/api/v1/ 0
0 236ms
147ms Other
application/json 72.247.178.33
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://pix.spot.im/api/v1/pixels
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.33 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H/1.1 200
OK 5450
cs.choozle.com/dp/chz/ 35 B
123 B 491ms
109ms Image
image/gif 52.203.214.114
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://cs.choozle.com/dp/chz/5450?d=www.denverpost.com&cb=376144806
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.214.114 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Connection: keep-alive
Content-Length: 35
Content-Type: image/gif

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 001A 81 KB
26 KB 44ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 26 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 001A 29 KB
11 KB 129ms
129ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=1891021212085103&correlator=646297813885419&output=ldjh&impl=fifs&eid=21068602%2C21068773%2C21069828%2C21069868&vrg=2021012001&ptt=17&gdpr_consent=CPAkwVtPAkwVtEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210125&iu_parts=39694909%2CReactions%2CReact-DenverPost&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&prev_scp=reactionsSpotId%3Dsp_sXPv48AD%26source_version%3Dv15.13.0%26topSpotId%3Dsp_sXPv48AD%26source%3Dreactions%26pageViewId%3D3b9b316f-5e6b-4209-839f-60aba3af416f%26isStandaloneAdUnit%3Dtrue%26excl_cat%3DPREPOST&eri=5&cdm=www.denverpost.com&bc=31&abxe=1&dt=1611576254078&dlt=1611576245905&idt=6014&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=160&adys=10076&adks=4013319095&ucis=t9jkg9yq199x&ifi=1&ifk=1052431319&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.denverpost.com&loc=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&top=www.denverpost.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x250&ga_vid=1096790884.1611576254&ga_sid=1611576254&ga_hid=4122384&fws=260&ohw=336&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

19fc82a8534ba02abc18bebd99ffabf7684d931a3d87198ef0c0ddadc684b587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10699
x-xss-protection: 0
google-lineitem-id: 5405547493
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315067715
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.denverpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 001A 0
0 50ms
14ms Other
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 001A 0
0 28ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/ Frame 4DE6
Redirect Chain

https://insight.adsrvr.org/tags/ighse75/rz1s9i5/iframe
https://d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/iframe

0
0

198ms
65ms

Document
text/html

54.192.232.170
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 54.192.232.170 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

Host: d1eoo1tco6rr5e.cloudfront.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

Content-Type: text/html
Content-Length: 133
Connection: keep-alive
Last-Modified: Thu, 27 Oct 2016 21:55:01 GMT
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 25 Jan 2021 01:39:17 GMT
ETag: "d51601446745c7954e13cffdaadeac4d"
Cache-Control: max-age=86400
X-Cache: Hit from cloudfront
Via: 1.1 fd2233138aed760b9a691989eb6a3d9c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OTP50-C1
X-Amz-Cf-Id: hhEz3DbqN3MJmfiYJw6KwvRtDP3dVL7sUewDqyXHF9Yo_CIeUwD67g==
Age: 37501

Redirect headers

date: Mon, 25 Jan 2021 12:04:17 GMT
content-type: text/html; charset=UTF-8
content-length: 183
location: https://d1eoo1tco6rr5e.cloudfront.net/ighse75/rz1s9i5/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H3-Q050 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 0688 29 KB
10 KB 299ms
299ms XHR
text/plain 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?gdfp_req=1&pvsid=3171909878396157&correlator=112211991635055&output=ldjh&impl=fifs&eid=21068773%2C21069822%2C21069858%2C44734255&vrg=2021011301&ptt=17&gdpr_consent=CPAkwVuPAkwVuEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&guci=1.2.0.0.2.2.0.0&sc=1&sfv=1-0-37&ecs=20210125&iu_parts=39694909%2CHB%2CDenverpost_HB&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C320x250&prev_scp=pitcSpotId%3Dsp_sXPv48AD%26source_version%3Dv15.13.0%26topSpotId%3Dsp_sXPv48AD%26source%3Dpitc%26pageViewId%3D3b9b316f-5e6b-4209-839f-60aba3af416f%26isStandaloneAdUnit%3Dtrue%26excl_cat%3DPREPOST&eri=5&cdm=www.denverpost.com&bc=31&abxe=1&dt=1611576254241&dlt=1611576246098&idt=5856&ea=0&frm=23&biw=1600&bih=1200&isw=336&ish=280&oid=3&adxs=282&adys=9165&adks=3128375877&ucis=ozclillgzifi&ifi=1&ifk=1052431319&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=www.denverpost.com&loc=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&top=www.denverpost.com&vis=1&dmc=8&scr_x=0&scr_y=0&psz=336x280&msz=336x250&ga_vid=383548106.1611576254&ga_sid=1611576254&ga_hid=993144745&fws=260&ohw=336&tt_state=W3siaXNzdWVyT3JpZ2luIjoiaHR0cHM6Ly9hZHNlcnZpY2UuZ29vZ2xlLmNvbSIsInN0YXRlIjowfSx7Imlzc3Vlck9yaWdpbiI6Imh0dHBzOi8vYXR0ZXN0YXRpb24uYW5kcm9pZC5jb20iLCJzdGF0ZSI6MH1d

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e7f029ecf0a7e7531e5275c903bfdff12dc144ee767aea3603965d9cbbc98b33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 10597
x-xss-protection: 0
google-lineitem-id: 5405521804
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138315064394
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.denverpost.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com/safeframe/1-0-37/html/ Frame 0688 0
0 51ms
14ms Other
text/html 2a00:1450:4001:815::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:815::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-37/html/ Frame 0688 0
0 7ms
6ms Other
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-37/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 0688 81 KB
26 KB 17ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 26 Jan 2021 12:04:14 GMT

GET
H2 200 c Show response
ids.cdnwidget.com/ 31 B
170 B 1464ms
133ms XHR
application/json 130.211.47.17
GOOGLE

General

Check archive.org

Download Go to

Full URL: https://ids.cdnwidget.com/c?cookieID=&deviceID=&iv=&v=&GCH1=223f8affd95bcc9244199f9da1755d03&SCH1=&GCS1=228181196&GCS2=OGEwMzQ5YmQtOTc2MS00OWY4LWEzNDMtMzY1Y2ZlZjJhNjJiLmxvY2FsLDJiNTYzODhiLWRkM2YtNGQ5My04MDFlLWUyZmNhNzQzZGJhMS5sb2NhbA==&pe=false&wsid=3994&log=%7B%22config%22%3A%7B%22gmEN%22%3Afalse%2C%22pixEN%22%3Afalse%7D%2C%22apikey%22%3A%222%5EHIykD%22%2C%22cjsversion%22%3A%221.5.9%22%2C%22wsid%22%3A3994%2C%22loadID%22%3A%228r2T86AfnbfKWbT%22%2C%22timing%22%3A%7B%22sessionStorageLoad%22%3A14%2C%22IDStageStart%22%3A14%2C%22netComplete%22%3A154%2C%22obsReqdata%22%3A335%2C%22obsReqpage%22%3A438%2C%22obsReqview%22%3A1442%2C%22IDStagePrefire%22%3A1442%7D%2C%22matches%22%3A%7B%22cookie%22%3Afalse%2C%22LS%22%3Afalse%7D%2C%22info%22%3A%7B%22isSpoofed%22%3Atrue%2C%22PM%22%3Afalse%2C%22DNT%22%3Afalse%2C%22deviceTimezone%22%3A1%2C%22extensionID%22%3Anull%2C%22externalID%22%3Anull%2C%22agent%22%3A%7B%22device%22%3Anull%7D%2C%22firstLoad%22%3Atrue%7D%7D
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.47.17 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 17.47.211.130.bc.googleusercontent.com
Software: /
Resource Hash: 6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: https://www.denverpost.com
date: Mon, 25 Jan 2021 12:04:15 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: clear
content-type: application/json

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame 5F40 0
0 164ms
163ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjss68FqduXazOrzwjpsWw52giJDSGbRsoZV2H8J1iutwPhVMvd-u8pp5j2KDbwmGgH9v_VGD5JfaizPL8WlIP0ywlTWHEOBY3PtzFNh6EcFd9Wa8BqMllxadLwc5OZk0JNSRECoKWsankMACdFqdokFjXw63okjOuOhKBHsO_kR2pAFqOjvcceZSc5r2yEdLJEgglUreaF_uN7mOFmTdnU5yEg0AVgv8VvvU-00pWUEhFQ7jcG7bsD9SjQUBzx6fttNqYkgg6FiENrsuUHbpIHJgdrslgrs1AquqJXrNtte3r17Vn7W6EjdXc56YHFV4ZOK2&sig=Cg0ArKJSzON2v4YEo5R0EAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/ Frame 5F40 18 KB
7 KB 64ms
62ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

369a0a9bee9bcd21bd53660799900a66ebbd0a279919b0e2028440d4be7ee64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7335
x-xss-protection: 0
server: cafe
etag: 3078594226291102177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Feb 2021 10:34:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/ Frame 5F40 3 KB
2 KB 160ms
158ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

76dabcd9465d05cf69f06551b55987cf87b3e0aaa6de109158207c4be55143c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 15947938921440589920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Feb 2021 15:55:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5F40 107 KB
33 KB 35ms
15ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2db0db0492984419389e4bfeca236bbbe527cd3ffcd626fab71d156a3b8a3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319194490518"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33685
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 3401363011969375890
tpc.googlesyndication.com/simgad/ Frame 5F40 23 KB
23 KB 8ms
6ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3401363011969375890

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f000df796debd07faa29d809c48dee602de4144bec3dc1384e58da1ab5ac21cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 21 Jan 2021 15:52:54 GMT
x-content-type-options: nosniff
age: 331880
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23394
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 07:11:18 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Jan 2022 15:52:54 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 001A 74 KB
28 KB 39ms
22ms Script
text/javascript 2a00:1450:4001:821::2002
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 001A 9 KB
7 KB 166ms
166ms XHR
application/json 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021012001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

68c886e13e3f8d1632a3bd2a0572d66f8a69cea1df3fa277ca6504950afe7a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6762
x-xss-protection: 0

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame C1C7 0
0 146ms
145ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjssGbvk-O10kR_a8SKDPNCDgUj2GZNokoCb5QAis8NUoHkYE61DIjqcG6LpGq3lp-akRVVv_WEbHAud_kcLFb2MyVEZnfkBOv8-CeOr_a7zB_HRi8rXQEYoI3NcYEONep7UYcP-SKw7HMPIiYPE-NB7TW8ngWx5wZ0HKC7_s-J0LhfKkRyhViBy3d5TfF2E7Vb9hrZdAHQx5MSIF3MgaAPWsQ83GjKlQtlwHNqEnQQHF-07AFCr_guVLvCmPZkAGoqUzwjJHhH_0aAdWG1LIFDK75QSUSEEbmLf7vMzcFt5LnfuZLpq6HiU&sig=Cg0ArKJSzFt328gQVNoOEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 abg_lite_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/ Frame C1C7 18 KB
7 KB 127ms
126ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

369a0a9bee9bcd21bd53660799900a66ebbd0a279919b0e2028440d4be7ee64f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 10:34:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 7335
x-xss-protection: 0
server: cafe
etag: 3078594226291102177
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 08 Feb 2021 10:34:18 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/ Frame C1C7 3 KB
2 KB 137ms
136ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210120/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

76dabcd9465d05cf69f06551b55987cf87b3e0aaa6de109158207c4be55143c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 24 Jan 2021 15:55:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 72537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1533
x-xss-protection: 0
server: cafe
etag: 15947938921440589920
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 07 Feb 2021 15:55:17 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1C7 107 KB
33 KB 138ms
137ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

e2db0db0492984419389e4bfeca236bbbe527cd3ffcd626fab71d156a3b8a3bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319194490518"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 33685
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 7226617833071096052
tpc.googlesyndication.com/simgad/ Frame C1C7 29 KB
29 KB 10ms
9ms Image
image/jpeg 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7226617833071096052

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a983ad51efe8436d7838208f6bf22878e7b271ead555e87136ddf76ff917db61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 23 Jan 2021 13:52:21 GMT
x-content-type-options: nosniff
age: 166313
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29977
x-xss-protection: 0
last-modified: Wed, 24 Jun 2020 06:12:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 23 Jan 2022 13:52:21 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0688 74 KB
28 KB 134ms
129ms Script
text/javascript 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

sffe /

Resource Hash

b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611319200633513"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 28803
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0688 9 KB
7 KB 280ms
270ms XHR
application/json 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021011301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

24b34b67bb853b15a2acceb1a8aa3f8f9553e001ef20b04c0a7815628301c8e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 6859
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 5F40 210 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 57ba136d3f6f87905ed03272ab2ef977c6fa7f09332a48d54b33a0709ba5171c

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame 5F40 0
0 183ms
182ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjsvBXnE_0vXOFyGrxoZ73r1pW9dTVTWZtfvQDIxUHmfSbRFBazZeK3jg_wgYljKSADjqzR0frtKguRAa-Poc3-nrrn7qiqKvkbI1gxpwBxPgFw6CjzyMjWL_DwkktHXy7xtxKxhJ5WVJ9jjBm624Xtd-ABfQu3ywsAphoTpjCWUZoQ2HzmGvHLmAz0N8VlYUk2HafynFnwRzdHX3IdJi7LQWs8FZANPZnlzNPTFEDp5wmwh5fWQ5fvE55ibUhZoHsNA5IJBQiTpYezwHcfZzsbhXODsbIs3_HMIEzHr0jhOYbSxSKK6EhSavasm3P-7TP1GPepc&sig=Cg0ArKJSzNS0pN7PIc1lEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 001A 16 KB
6 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:14 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 1803 0
0 7ms
6ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 25 Jan 2021 10:23:53 GMT
expires: Tue, 25 Jan 2022 10:23:53 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6021
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame C1C7 212 B
0 Image
image/png

General

Check archive.org

Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b01a53dd60eba9316f309089d0f7d769ce79e9b35856dd5588bc2c04d39ac45

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
pagead2.googlesyndication.com/pcs/ Frame C1C7 0
0 117ms
103ms Fetch
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/view?xai=AKAOjstoUZX5K75Z7kROYrjAw7ukAnk19bEqaFOF_t8P6_ambJEZkEvZAmxLQL8qRCMsHFmaI1sOaEtErbRLjVFh_mRx0i99kL1e5cFx5PDhYFrVyrSGcpEsHSVPtLa5wGF5_tR7lXRrxT-UlPTZcWozcGp-F2Ld9RUcm1PbxokziZu-ZdJ9JWWWO1rgBj804Q2j5D4xQhLclKkSSrdg-e6bSg0570aM4pQEHUWw-jqQ8BlRgx0qdG-rEreo6jI0xBfSaJstoAIqdXOHeSgCbQqni_U3nzDjEtDkm7VAbwO3C4_BunZFhUjvNQYodA&sig=Cg0ArKJSzI-hzMSb5_kYEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 25 Jan 2021 12:04:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

POST
H/1.1 204
No Content multitracking Show response
hb.spotim.market/adunit/ Frame 001A 0
209 B 124ms
123ms XHR
text/plain 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/multitracking
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:14 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

POST
H/1.1 204
No Content multitracking Show response
hb.spotim.market/adunit/ Frame 0688 0
209 B 104ms
104ms XHR
text/plain 23.227.137.155
24SHELLS

General

Check archive.org

Download Go to

Full URL: https://hb.spotim.market/adunit/multitracking
Requested by: Host: player.spotim.market
URL: https://player.spotim.market/prebidlink/447660/wrapper_hb_270443_140.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 23.227.137.155 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.denverpost.com
Date: Mon, 25 Jan 2021 12:04:14 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0688 16 KB
6 KB 19ms
13ms Script
text/javascript 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021011301.js?21069858

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1607463675096825"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6146
x-xss-protection: 0
expires: Mon, 25 Jan 2021 12:04:15 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 617 B
906 B 598ms
241ms Fetch
application/json 104.26.4.15
CLOUDFLARENET

General

Check archive.org

Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1611576255380
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.4.15 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 135383ee0ad73c83af4c9196fd280c542c764ccf6ce383218e657c11a431eb49

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:15 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qw36ZwHJvr4chhedO7liA8uh3kQbKTS1SowoKZiczYAPdoXWY3U0cjJMkpdIs0pvudryxkHuFBvEXuSXt7QTcfDZMsScXv6Ijl8vK2KZS5at8g%3D%3D"}],"max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 6171db0e7c18ee58-CDG
cf-request-id: 07db073d0b0000ee5811a19000000001

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 001A 0
61 B 481ms
481ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021012001&jk=1891021212085103&bg=!Dg2lDU7NAAVwd1e1cDsAKQB2-DxaMg8cKdWcPl2SURoMAkMOMmpyulQhxUpFUEu6aj-Maocd63-PAgAAAOhSAAAAF2gBBwoAo8ObHrqESi6MVEOoEpWedEs7gKJ0vJKE31UI3h2MZKgkdFffEYt6Z3YNXVj7ZDdyNJycUxOVnjLry6rO7wZsSQCpVvR9sQ6Fei0ExmAyhFjzKEbI3ZRWeNC1OJ6b2gGAVsuTLbDnxlkZNgggYYVyoi5N4iAGkBdaaH14ME6PJ2hu5BYpEHhdgeKDpnNU7fmthsFxKU1bOrPNXQ0O93R6lODawdGZAfb728q0b8flBiogR0GCHg8AGmaR7bU3BzTIVueoyPYnpkAkGZkPU1TjxfNSA2_q1Z82uKj7Ysm59swNpr7rgztwgrD0Ejt_1vZ31r4i8BqgjCxhFFRGoGAoRKcTzn4s0Jg6rRbF0FE5ck2nXmsxwmPH5Uvbb-xsoGWD_CGWdWNyLmMZs7eyLVADMSDv41Bk1NNeD1zJaWKdGkmCHkT7HH4TNYkLqSbzFiC56B_08os1F7wxUM9NrtccRSVESnBU45S_9rEbU15wgpIr6UisHqMtpEupYyzkXQ6sXM0401Pb784blXKEJTUWn1oyKEZ3o-rclr0dSuUjr0DCWcq-bLsOvVn3xrcbfuBtJPOPOgUEfzEflfqn4kSdHejDhTchE6yJ7JgcN5kKKOmLwvex9dml1eu_jVRaVVbsrq8FC_cEeJcl3wlfKBYbzK_2QHnn6-0ENS4-lGaBlmB1gTEm-CjX37NTkeD6DbTLg9MLkuo_dfyYhOSJA-NIzJ3mbkEIeO2e0zoKzFwl94ETWsVErsGbKOSBK1TKxaReZe9gYXbaiTNkan-mWbQ20QP7juo8wNY7EjjeNgyqUNI8nKB6COP42buATeFxaXnDaWjTj7jVTVSQAJDJ2jRfHFEuRz3j5DOqTiEbJO1FyE9JoruhLz9Bp66-2yLf

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 runner.html
tpc.googlesyndication.com/sodar/sodar2/220/ Frame 9197 0
0 10ms
9ms Document
text/html 2a00:1450:4001:814::2001
GOOGLE

General

Check archive.org

Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/220/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/220/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4868
date: Mon, 25 Jan 2021 10:23:53 GMT
expires: Tue, 25 Jan 2022 10:23:53 GMT
last-modified: Tue, 27 Oct 2020 18:37:37 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6022
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H/1.1 200
OK metric
metrics-logger.spot.im/ 0
0 701ms
101ms Fetch 52.0.218.6
AMAZON-AES

General

Check archive.org

Download Go to

Full URL: https://metrics-logger.spot.im/metric
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.218.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: fasthttp /
Resource Hash

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 25 Jan 2021 12:04:15 GMT
Server: fasthttp
Access-Control-Max-Age: 86400000
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
Access-Control-Allow-Origin: https://www.denverpost.com
Access-Control-Expose-Headers: x-spotim-token, x-spotim-networkid, x-access-token, x-spotim-device-v2
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type,x-user-token,x-spot-id,x-post-id,x-access-token,x-spotim-page-view-id,x-spotim-device-v2
Content-Length: 0

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0688 0
23 B 292ms
291ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=220&t=2&li=gpt_2021011301&jk=3171909878396157&bg=!PD-lP3zNAAVwd1e1cDsAKQB2-DxaKdQAVlks7GZGKsHWGJ6pwpWxDG1ciUcobeQiohIAgdZ8-KLIAgAAAJFSAAAADmgBBwoAbIOeSmW6u8RuANQpFMzwJOeuYfc9TisMTo6PnY24U6TYOYbV3G-3agzadancR27Eh6xX2v6Xu4TU0mSUXFtmqp223oS3jBOxo3wGcVSlfmA_n55_yY573SH9pOvKnJkyB2dsDj8fiXk6vrpKxZkB-rM3Pffo7e43fOb_QxnnWVmE8m8g7jZPoAxKrHZiUohJJaB6TH_HWio7aF-odVs84-4fMFFDm8d2cVYyqZXe_ZXNPRUGoUde2NkW8dIsoEaGq7fhw3SQQIBJz-BIm4zkb_CI_ZbZR8cbh_KzQkAYYbFdDdNCYeiqF8Qn2UIF_DQ7-m5WI5C1nAlxA8iyz2G8qz3HRcRd1BK6s6Mn8wwpkS0-s-n9NLJFKx3URpkgGuNwqN0TQNDVy94mYj9B4fHPrAPPqxtzRaegl2FK9BprVBVZ2LKGlLpGjV5SaFqqkFrzoXCVB7Ak0HzpijJs8jlbNSfh7uikymEC9bQY_QmGmQ7XLyiPijPD7ha-CEv0oh065yHs87wUitbKWYHlP-l8vt_wtOVyjx_QxKrd4p3el0nDufJfgzus0vcBysTi7Oz7EuVEvByaIzqxl9QUy5k_QGan7_7oxwibVF0Kn_SfkxHm6-Ib6c6bmTyPvQuN-gq5qG4W-fx6D8IACz_nlFY5eNvfrjno1_GEiWxkgrT91hZ9guqEsX7SDwLyUbCKKpazqGCgTPoc5Whzs4QWJ1lMhRLYKi7HG47esf3UYO00YIB1vuIvLU4yHqg64dFfe0n_v60hiSG2TfdmHbvMikglyVC6EhY7_nkyWYXqfQJtjB-Mn0c55X29Dd2O

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 cjs-logger
e.cdnwidget.com/ 0
68 B 477ms
122ms Image
image/png 34.107.221.36
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://e.cdnwidget.com/cjs-logger?source=ID%20generation%20error&severity=Warning&error=Country%2520not%2520allowed&cookieID=&deviceID=&BXWID=3994&warpspeed=2%5EHIykD&loadID=8r2T86AfnbfKWbT&version=1.5.9
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.221.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 36.221.107.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:16 GMT
via: 1.1 google
alt-svc: clear
content-type: image/png

GET
H2 200 vendors~Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 143 KB
42 KB 66ms
19ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/vendors~Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FC7) /
Resource Hash: 7936d1418d32945c9bed70884d751c790d2f73163d91c94ca0381837bacb2009

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: nVyxnVaDeiwLhNGk9ucSyA==
age: 42023
x-cache: HIT
content-length: 43200
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:07 GMT
server: ECAcc (frc/8FC7)
etag: 0x8D88BAEBC7CB48B
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d31fe637-f01e-00d9-4cb0-f28053000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0UniversalLoginAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 10 KB
3 KB 54ms
31ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0UniversalLoginAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F80) /
Resource Hash: b4c142fe4847fcb3771d185abeca6a24145dc26e2185b02d8b7288ba505abc82

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: Z/EW4WiO3W99UJHEuqU3Bw==
age: 42044
x-cache: HIT
content-length: 2916
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8F80)
etag: 0x8D88BAEBB1CD07C
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 3d281eef-a01e-00e3-10b0-f2c3f0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 Auth0AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 6 KB
2 KB 52ms
29ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/Auth0AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8E9E) /
Resource Hash: 431fbcbabd6e10d62d7803e60b0111ae8fa99047f3c7ff12593da2a157f6f652

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: qiDXrhKfxZbxh1aPZML5Lg==
age: 41872
x-cache: HIT
content-length: 1985
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8E9E)
etag: 0x8D88BAEBB1AFB50
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 00e24fb2-001e-000b-0cb0-f23e0b000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 CustomAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 5 KB
2 KB 41ms
19ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/CustomAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F12) /
Resource Hash: 4664f8ecc83b57e3b5d9e7878234b645d3febc234a7e6145c0daa2b8451ca756

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: R6uRZw+79CSlWrL4olBM7w==
age: 42023
x-cache: HIT
content-length: 1805
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8F12)
etag: 0x8D88BAEBB227727
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 6fefbb24-301e-0125-5db0-f2f899000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 JanrainAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 8 KB
2 KB 52ms
30ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/JanrainAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F95) /
Resource Hash: a326b2c6a86790765d328c376b840ff9b5ada7314fe625e268f7a75cb6d76c75

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: ncca/KXpyvhHs0/O2YZLkQ==
age: 42045
x-cache: HIT
content-length: 2312
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8F95)
etag: 0x8D88BAEBB244C57
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: b0d2c47c-e01e-0082-47b0-f2872f000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 MG2AuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 8 KB
2 KB 52ms
30ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/MG2AuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8FAB) /
Resource Hash: b790e0e178dbeece1b700c81d1bbce2f12f3d6bd41a8c728b7ed5674e4c54e13

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: X07KMaBrDcfilayL9hPqhQ==
age: 42045
x-cache: HIT
content-length: 2161
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8FAB)
etag: 0x8D88BAEBB2844EE
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 10d3fc65-a01e-0006-7ab0-f2d107000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 NewzwareAuthSystem.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 12 KB
4 KB 36ms
15ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/NewzwareAuthSystem.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F8E) /
Resource Hash: 867648537d0d4c40c432f51192e4350e420d8787c35cb2cd27ab4ccce74cee27

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-encoding: gzip
content-md5: bJo0MTE1s9hWASPPnhvlpw==
age: 42045
x-cache: HIT
content-length: 3750
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8F8E)
etag: 0x8D88BAEBB2A1A1A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: f36c6784-401e-0007-02b0-f2d0fa000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 LikeButtons4.js Show response
cdn.ayc0zsm69431gfebd.xyz/prod/dfm/ 114 B
484 B 35ms
14ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/LikeButtons4.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/osano.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F1E) /
Resource Hash: da676d4b5954b3c4c7c170151b9750e4289b4325caf7a92736d96a7f5d8394a0

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:16 GMT
content-md5: dmOzUFUakSLjx2ecgldOyA==
age: 42045
x-cache: HIT
content-length: 114
x-ms-lease-status: unlocked
last-modified: Wed, 18 Nov 2020 10:43:05 GMT
server: ECAcc (frc/8F1E)
etag: 0x8D88BAEBB262187
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 5b237469-901e-004a-1eb0-f21618000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19
accept-ranges: bytes

OPTIONS
H/1.1 200
OK views
prod-dfm-proxy-connext.azurewebsites.net/api/ Frame 0
0 151ms
150ms Other 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=0f0654b9677d877e210fb39b8b42e748&ConfigCode=DENVERPRODWP&SiteCode=DFM&SettingsKey=PMP%2CDP
Protocol: HTTP/1.1
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: access-control-allow-origin,attr,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
X-Powered-By: ASP.NET
Date: Mon, 25 Jan 2021 12:04:16 GMT
Content-Length: 0

GET
H/1.1 200
OK views Show response
prod-dfm-proxy-connext.azurewebsites.net/api/ 65 B
1 KB 227ms
227ms Fetch
application/json 13.85.16.224
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL: https://prod-dfm-proxy-connext.azurewebsites.net/api/views?UserId=0f0654b9677d877e210fb39b8b42e748&ConfigCode=DENVERPRODWP&SiteCode=DFM&SettingsKey=PMP%2CDP
Requested by: Host: info.silobreaker.com
URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash: b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec

Request headers

authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE2MTE1OTA2NDd9.qJ8M7PGpM1hvMnfs4A9OmQ3clRsNpqiT90e3Chp2IDo
source-system: Plugin
site-code: DFM
autoqa: false
access-control-allow-origin: *
settingskey: PMP,DP
ssid: 89c257d2e77852a832423cffeaf46781
environment: prod
attr: DP
config-code: DENVERPRODWP
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json
location: System
accept: application/json
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
version: Version: 2.5.4.1

Response headers

Pragma: no-cache
Date: Mon, 25 Jan 2021 12:04:16 GMT
Content-Encoding: gzip
Expires: -1
Server: Microsoft-IIS/10.0
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET, ASP.NET
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Server-Time,Request-Context
Cache-Control: no-cache
Content-Length: 177
X-Server-Time: 1/25/2021 12:04:16 PM
Request-Context: appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019

GET
H2 200 bx_suppress
events.bouncex.net/track.gif/ 42 B
230 B 118ms
42ms Image
image/gif 34.95.65.255
GOOGLE

General

Check archive.org

Download Go to Show image

Full URL: https://events.bouncex.net/track.gif/bx_suppress?reason=iab_cmp&websiteid=3994&source=web&agent=user
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.65.255 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: fasthttp /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 25 Jan 2021 12:04:17 GMT
via: 1.1 google
server: fasthttp
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: clear
content-length: 42
expires: Tue, 01 Jan 2001 00:00:00 GMT

GET
H2 200 fontawesome-webfont.woff2
cdn.mg2connext.com/prod/fonts/ 2 KB
2 KB 50ms
9ms Font
application/octet-stream 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Download Go to

Full URL: https://cdn.mg2connext.com/prod/fonts/fontawesome-webfont.woff2?98120622=
Requested by: Host: cdn.ayc0zsm69431gfebd.xyz
URL: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?v=20201027.3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/8F40) /
Resource Hash: c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a

Request headers

Origin: https://www.denverpost.com
Referer: https://cdn.ayc0zsm69431gfebd.xyz/prod/dfm/t8y9347t.min.css?v=20201027.3
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 25 Jan 2021 12:04:19 GMT
content-md5: 4KZHfCb3p1RwzI0cUtcF7g==
age: 603747
x-cache: HIT
content-length: 1720
x-ms-lease-status: unlocked
last-modified: Thu, 17 Dec 2020 10:16:38 GMT
server: ECAcc (frc/8F40)
etag: 0x8D8A274D72F017A
content-type: application/octet-stream
access-control-allow-origin: *
x-ms-request-id: b494b293-401e-00ad-7c94-ed0615000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version: 2009-09-19
accept-ranges: bytes

GET
H2 403 The_Denver_Post_logo_black_small.png
extras.denverpost.com/connext_assets/ 60 B
60 B 121ms
37ms Image
text/plain 151.101.113.53
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://extras.denverpost.com/connext_assets/The_Denver_Post_logo_black_small.png
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 22519c331f98f78a8070a9ed0bac29e412bdfa5a8fee592ef885c94e256bbfab

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1611576260.517946,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: MISS
content-type: text/plain
accept-ranges: bytes
content-length: 60
retry-after: 0
x-cache-hits: 0

GET
H2 403 denver-animation-css.svg
extras.denverpost.com/connext_assets/ 60 B
60 B 120ms
37ms Image
text/plain 151.101.113.53
FASTLY

General

Check archive.org

Download Go to Show image

Full URL: https://extras.denverpost.com/connext_assets/denver-animation-css.svg?1
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.53 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 22519c331f98f78a8070a9ed0bac29e412bdfa5a8fee592ef885c94e256bbfab

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:19 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1611576260.517929,VS0,VE0
x-served-by: cache-hhn4024-HHN
x-cache: MISS
content-type: text/plain
accept-ranges: bytes
content-length: 60
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 109ms
109ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Ramifications%20of%20unemployment%20insurance%20fraud%20run%20deep%20in%20Colorado&metered=1%7C2&metername=DENVER%20PROD%20CONVERSATION%20v1.1&tv=js-3.0.112&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=14&tvcfg=wp&tid=ad45f530-3b99-48ff-8b29-bb6718c634e7&pid=add01440-71e6-43d5-8107-29f4f47668bd&dtm=1611576259276&qnm=_matherq&visible=1&tabid=f215b869-0607-4f02-a786-9b1c0bbbd1cf&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vp=1600x1200&ds=1600x11730&tofa=1611576259&vid=1&lvidt=1611576259&duid=52262c2a81af2572&fp=606422418&cid=ma23578&mrk=239876503&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoiU21hbGxJbmZvQm94IiwiZGF0YSI6eyJtZXRlciI6eyJpZCI6IjIiLCJuYW1lIjoiTWV0ZXJlZCIsIm1ldGhvZCI6IkRlZmF1bHQifSwiY2FtcGFpZ24iOnsiaWQiOiIxMDEzNTIiLCJuYW1lIjoiZGVudmVyIHBvc3QgY29ubmV4dCB2MS4xIn0sImNvbnZlcnNhdGlvbiI6eyJuYW1lIjoiREVOVkVSIFBST0QgQ09OVkVSU0FUSU9OIHYxLjEiLCJvcmRlciI6IjEifSwiYWN0aW9uIjp7Im5hbWUiOiJhLXNtYWxsaW5mby1zdWItYS1wdjEtcGlkMjE1MSIsInR5cGVJZCI6IjYiLCJ0eXBlTmFtZSI6IlNtYWxsSW5mb0JveCIsIm9yZGVyIjoiMTcifX0sInZlbmRvciI6Ik1HMiIsInR5cGUiOiJ1bmtub3duIn0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJtZzIiLCJpZCI6IjBmMDY1NGI5Njc3ZDg3N2UyMTBmYjM5YjhiNDJlNzQ4IiwicmVmVGltZSI6IjE2MTE1NzYyNTkyNTgifV0sIm1nMkRhdGEiOnsidmVyc2lvbiI6IlZlcnNpb246IDIuNS40LjEiLCJlbnZpcm9ubWVudCI6InByb2QiLCJhdXRoU3lzdGVtIjoiQXV0aDBVbml2ZXJzYWxMb2dpbiIsImNhbXBhaWduTmFtZSI6ImRlbnZlciBwb3N0IGNvbm5leHQgdjEuMSIsInN1YnNjcmlwdGlvbnMiOltdLCJjYW1wYWlnbklkIjoiMTAxMzUyIn0sInVzZXJEYXRhIjp7Im1nMkRhdGEiOnsiT3duZWRTdWJzY3JpcHRpb25zIjpbXSwiQXV0aFN5c3RlbSI6IkF1dGgwVW5pdmVyc2FsTG9naW4iLCJEaWdpdGFsQWNjZXNzIjp7IkFjY2Vzc0xldmVsIjp7fSwiU3Vic2NyaXB0aW9uIjp7fX0sIklnbVJlZ0lEIjpudWxsLCJFbWFpbCI6IiIsIk56d0xpZCI6bnVsbCwiTWFzdGVySWQiOm51bGx9fX0
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:19 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK connext-user-check.php Show response
uploads.denverpost.com/pax/ 28 B
424 B 620ms
153ms XHR
application/json 63.147.65.174
CENTURYLINK-US-LE...

General

Check archive.org

Download Go to

Full URL: https://uploads.denverpost.com/pax/connext-user-check.php?key=null
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 63.147.65.174 Waldorf, United States, ASN209 (CENTURYLINK-US-LEGACY-QWEST, US),
Reverse DNS
Software: Apache/2.4.37 (centos) OpenSSL/1.1.1c / PHP/7.2.24
Resource Hash: 8075a7a142a8797313394bdf757c4d028aeea271fff5ed41deeb02b38fa4a66b

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:19 GMT
Server: Apache/2.4.37 (centos) OpenSSL/1.1.1c
X-Powered-By: PHP/7.2.24
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 111ms
110ms Image
image/gif 54.198.41.31
AMAZON-AES

General

Check archive.org

Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.112&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&tvltm=14&tvcfg=wp&f_privb=0&tid=8aaf7103-ed9b-4d51-a654-2709cde1091a&pid=add01440-71e6-43d5-8107-29f4f47668bd&dtm=1611576259446&qnm=_matherq&visible=1&tabid=f215b869-0607-4f02-a786-9b1c0bbbd1cf&url=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&vp=1600x1200&ds=1600x11730&tofa=1611576259&vid=1&lvidt=1611576259&duid=52262c2a81af2572&fp=606422418&cid=ma23578&mrk=239876503&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxMTU3NjIzOTE0NCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI2NS43NDk2bWIiLCJoZWFwVCI6IjgwLjA5NDcybWIiLCJmc3RQYWludCI6IjI0NjQiLCJmZXRjaFMiOiIyMzQiLCJkb21haW5TIjoiMjQ3IiwiZG9tYWluRSI6IjI2MiIsImNvbm5TIjoiMjYyIiwiY29ubkUiOiIzNjEiLCJzc2xTIjoiMjkyIiwicmVxdVMiOiIzNjIiLCJyZXNwUyI6Ijc3MiIsInJlc3BFIjoiOTAzIiwiZG9tTG9hZCI6Ijc4NyIsImRvbUludGVyIjoiNTIxNyIsImRvbUxvYWRTIjoiNTMzOSIsImRvbUxvYWRFIjoiNTQ0MSJ9fQ
Requested by: Host: www.denverpost.com
URL: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.198.41.31 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-198-41-31.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Mon, 25 Jan 2021 12:04:19 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 200 pixels
pix.spot.im/api/v1/ 0
0 205ms
205ms Other
application/json 72.247.178.33
AKAMAI-ASN1

General

Check archive.org

Download Go to

Full URL: https://pix.spot.im/api/v1/pixels
Requested by: Host: launcher.spot.im
URL: https://launcher.spot.im/spot/sp_sXPv48AD
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 72.247.178.33 , Netherlands, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 001A 81 KB
26 KB 53ms
23ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 25 Jan 2021 12:04:24 GMT
content-encoding: gzip
last-modified: Thu, 07 Jan 2021 11:16:36 GMT
server: nginx
etag: W/"5ff6ed94-14284"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Tue, 26 Jan 2021 12:04:24 GMT

OPTIONS
H2 200 /
tattle.api.osano.com/ Frame 0
0 213ms
131ms Other
application/json 65.9.67.38
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tattle.api.osano.com/
Protocol: H2
Server: 65.9.67.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 0
date: Mon, 25 Jan 2021 12:04:30 GMT
x-amzn-requestid: 8dc0ee48-e85d-43e3-b5ad-352424ae2e91
access-control-allow-origin: *
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id: ZtEIVFNXIAMFr-A=
access-control-allow-methods: OPTIONS,POST
x-cache: Miss from cloudfront
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: iiHRZXutKHcpjGhGgZ4bvSRXoB85MeZvIAKlnxeQxOfM4MqSl4CVHw==

POST
H2 200 / Show response
tattle.api.osano.com/ 3 B
363 B 412ms
412ms XHR
application/json 65.9.67.38
AMAZON-02

General

Check archive.org

Download Go to

Full URL: https://tattle.api.osano.com/
Requested by: Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.67.38 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a

Request headers

Accept: application/json
Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 25 Jan 2021 12:04:31 GMT
via: 1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 151f32e5-a505-41ed-80ff-e53c822f9836
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-600eb3cf-76280ed8694ba2eb5f30794b
x-amz-apigw-id: ZtEIZHmtIAMF8FA=
content-length: 3
x-amz-cf-id: 2kBLbVTQSuPaekR5xBUHoaSEPv7V3KrXixAa8XduqIjuVmcXQA8bxQ==

OPTIONS
H2 200 track
dc.services.visualstudio.com/v2/ Frame 0
0 196ms
53ms Other 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Protocol

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,sdk-context
Origin: https://www.denverpost.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

access-control-allow-methods: POST
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-origin: *
access-control-max-age: 3600
x-content-type-options: nosniff
date: Mon, 25 Jan 2021 12:04:31 GMT
content-length: 0

POST
H2 206 track Show response
dc.services.visualstudio.com/v2/ 671 B
789 B 124ms
124ms XHR
application/json 51.107.59.180
MICROSOFT-CORP-MS...

General

Check archive.org

Download Go to

Full URL

https://dc.services.visualstudio.com/v2/track

Requested by

Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

51.107.59.180 Zurich, Switzerland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

d863a47b3033692aa415151ecf5350f2c83ddbc984cac07e774df97ccddc0975

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.denverpost.com/2021/01/24/colorado-unemployment-insurance-fraud/?_hsmi=88974744&_hsenc=p2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk
Sdk-Context: appId
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/json

Response headers

x-ms-session-id: 7094B633-291B-4A6F-BDCB-14DAA1D9E9AF
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
date: Mon, 25 Jan 2021 12:04:31 GMT
access-control-max-age: 3600
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
content-length: 671

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cmp.osano.com
URL: https://cmp.osano.com/16A1AnRt2Fn8i1unj/1edc45d9-1a78-48b2-9035-037b31df744a/vendor-list.json

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-pre

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%221483b92b0606dab%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_sXPv48AD%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2215f5752e724ae7d%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22163eeb4e904ee17%22%2C%22ext%22%3A%7B%22siteID%22%3A%22494467%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%22174f2027097c445%22%2C%22ext%22%3A%7B%22siteID%22%3A%22532859%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%221816f69cce7b9b4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2215f5752e724ae7d%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2215f5752e724ae7d%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-pre&cb=4134580581

Domain: lockerdome.com
URL: https://lockerdome.com/ladbid/prebid

Domain: spot-im-d.openx.net
URL: https://spot-im-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=8c0d6438-63b8-4981-938a-965fd6197e8a%2C8c0d6438-63b8-4981-938a-965fd6197e8a%2C8c0d6438-63b8-4981-938a-965fd6197e8a&nocache=1611576252073&gdpr_consent=CPAkwVYPAkwVYEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA&gdpr=1&schain=1.0%2C1!spotim.market%2Csp_sXPv48AD%2C1%2C%2C%2C&aus=300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250%7C300x250%2C336x280%2C320x250&divIds=div-gpt-ad-1579006100744-0%2Cdiv-gpt-ad-1579006100744-0%2Cdiv-gpt-ad-1579006100744-0&auid=540934835%2C541192057%2C543856208

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: lockerdome.com
URL: https://lockerdome.com/ladbid/prebid

Domain: ap.lijit.com
URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.15.0-pre

Domain: ib.adnxs.com
URL: https://ib.adnxs.com/ut/v3/prebid

Domain: htlb.casalemedia.com
URL: https://htlb.casalemedia.com/cygnus?s=356568&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%222728bc35a95e46d%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.denverpost.com%2F2021%2F01%2F24%2Fcolorado-unemployment-insurance-fraud%2F%3F_hsmi%3D88974744%26_hsenc%3Dp2ANqtz-9cLv8SJb_7JW6okmejYjNpp3eT_v48Khuf1XzX7xjUcPREFj7JCzoYxy7M2wyFbO0TWESO-dJ_Sa_2rWzGfU-fm1BtJIYWPIIFH6nmrp7QEeIbTDk%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A2%2C%22msi%22%3A2%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22spotim.market%22%2C%22sid%22%3A%22sp_sXPv48AD%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22CPAkwVaPAkwVaEXABBENA3CwAAAAAH_AAAYgGggBIAJEQABAIAAEAIAEAAAAQBAAAEAgAAAAAAAAAAAABAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAAAAAAAAAAAAAAAAAAAAAAAAAAgAAAAAIAAAAAAgXmAAAAkQAAEAAAAAAAAQAAABAEAAAAAAAAAAAAAAAAAAECAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA.YAAAAAAAAAAA%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2228e132f9d01c9a1%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2229eea7f84e52a19%22%2C%22ext%22%3A%7B%22siteID%22%3A%22494467%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2230b2763f7bc6722%22%2C%22ext%22%3A%7B%22siteID%22%3A%22581365%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2228e132f9d01c9a1%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A0%7D%7D%2C%7B%22id%22%3A%2228e132f9d01c9a1%22%2C%22ext%22%3A%7B%22siteID%22%3A356568%2C%22sid%22%3A%22320x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A320%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%7D%5D%7D

Domain: bidder.criteo.com
URL: https://bidder.criteo.com/cdb?profileId=207&av=32&wv=4.15.0-pre&cb=15243203613

Verdicts & Comments Add Verdict or Comment

253 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

34 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://info.silobreaker.com/e2t/tc/VW01XH7WBQ9cW5WHp4_89tSl8VcSh174mdXw-N2XT74t2-Hw7V1-WJV7CgLCjN2Ms-CnZQXNlW2slSdz51VgD_W8Jc4Ff6bQkfsW35hnmj3T_fq5V20KSQ81CX7FN6fls5N8CGXlW1Hghcm2TgqxTW8VcP022rm4m1W7R6rWN91lylNVlQhX85kDTbCVdDYzs61hpj3W2HvRTT8NLGC3Vch7_K7W7PNCW1nnGLH3tXfP-W8rYwwf43Rzy4W3x52b-7rprh6W2d839F1d9Tz8W3BVLq05H9RWKW7GyS5d7wm_mMW3ryMff5DPGS5W5QGzTT7gGkK4N7-Z3-ygRXn6W7r7bpv5BLQLnW3LgvwV4nx9Lz346T1(Line 13) Message: toS
console-api	log	(Line 1) Message: Noelle Phillips
console-api	log	(Line 1) Message: Noelle Phillips
console-api	info	URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2) Message: Powered by DML ⚡ : 20210123-sra-roadblock-ads_prod_master
console-api	info	URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2) Message: DML Host : denverpost.com
console-api	log	URL: https://launcher.spot.im/spot/sp_sXPv48AD(Line 10) Message: [OpenWeb Launcher] v2.46.7
console-api	info	URL: https://c.go-fet.ch/a/embed.js?ver=1.0.0(Line 2) Message: DML.gpt.refresh slotsToRefreshQueue
console-api	log	URL: https://medianewsgroup.blueconic.net/plugin/library/d11a1add16ec5bfd57837c1ca63f340a(Line 26) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://cdn.blueconic.net/medianewsgroup.js(Line 132) Message: [BC]DataLayer available
console-api	log	(Line 14) Message: enter exclusiveCheck
console-api	log	(Line 10) Message: in exclusiveCheck
console-api	log	(Line 11) Message: exclusiveCheck boolfalse
console-api	log	(Line 1) Message: Noelle Phillips
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'setTargeting' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'setTargeting' of null
console-api	error	URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021012001.js?21069868(Line 6) Message: Exception in queued GPT command TypeError: Cannot read property 'setTargeting' of null
console-api	log	(Line 1) Message: [object Object] Utf8
console-api	log	URL: https://cdn.blueconic.net/medianewsgroup.js(Line 132) Message: [BC]Pushing event: BlueConic.VIEW
console-api	log	(Line 1) Message: Noelle Phillips
console-api	log	(Line 1) Message: CMD function(){googletag.cmd.unshift=function(cb){if(ready){return exec(cb);}cmds.unshift(cb);if(cb._startgpt){ready=true;for(var k=0;k<cmds.length;k++){exec(cmds[k]);}}};googletag.cmd.push=function(cb){if(ready){return exec(cb);}cmds.push(cb);};}
console-api	warning	URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://player.spotim.market/prebidlink/447660/hb_270443_140.js(Line 3) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	log	(Line 1) Message: Regular browsing
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: onFinish payload: {"event":"setTimer","actionName":"Timer","onInitTimer":15669,"onFinishTimer":18729}
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: MG2DL object available; payload to push: {"event":"setTimer","actionName":"Timer","onInitTimer":15669,"onFinishTimer":18729}
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: onFinish payload pushed
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: events pushed with the onFinish event listener
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: onLoggedInTimer is not available
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: onInitTimer 15 seconds - ( 15669 )
console-api	log	URL: https://www.denverpost.com/wp-content/client-mu-plugins/src/SSO/assets/js/connext-events.min.js?m=1607866681g(Line 1) Message: DEBUG: onFinishTimer 18 seconds - ( 18729 )
console-api	log	(Line 1) Message: Noelle Phillips
console-api	log	(Line 1) Message: Noelle Phillips
console-api	log	(Line 1) Message: loading content
console-api	log	(Line 1) Message: [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76546244d1c81ae3d677fce14e9439d7.safeframe.googlesyndication.com
ad.doubleclick.net
ads.pubmatic.com
adserver-us.adtech.advertising.com
ajax.googleapis.com
ap.lijit.com
api-2-0.spot.im
api-mg2.db-ip.com
assets.bounceexchange.com
at1.listrakbi.com
ats.rlcdn.com
az416426.vo.msecnd.net
bidder.criteo.com
c.amazon-adsystem.com
c.go-fet.ch
c.go-mpulse.net
cdc58d79a088552000be8f8c42c7127e.safeframe.googlesyndication.com
cdn.ayc0zsm69431gfebd.xyz
cdn.blueconic.net
cdn.listrakbi.com
cdn.mg2connext.com
cdn.p-n.io
cdn3.optimizely.com
certify.alexametrics.com
cmp.osano.com
connect.facebook.net
cs.choozle.com
d1eoo1tco6rr5e.cloudfront.net
d1wa9546y9kg0n.cloudfront.net
d1z2jf7jlzjs58.cloudfront.net
d2lv4zbk7v5f93.cloudfront.net
d31qbv1cthcecs.cloudfront.net
data.cdnbasket.net
dc.services.visualstudio.com
di.rlcdn.com
direct-events-collector.spot.im
e.cdnwidget.com
emojipedia-us.s3.dualstack.us-west-1.amazonaws.com
eus.rubiconproject.com
events-collector.spot.im
events.bouncex.net
extras.denverpost.com
fastlane.rubiconproject.com
ff8cb082fb3e0ae250f80b898f6fae3d.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
geo.rlcdn.com
ghb.ads.152media.com
ghb.adtelligent.com
hb-api.omnitagjs.com
hb.spotim.market
hbopenbid.pubmatic.com
htlb.casalemedia.com
i2.wp.com
ib.adnxs.com
ids.cdnwidget.com
info.silobreaker.com
insight.adsrvr.org
js-sec.indexww.com
js.matheranalytics.com
launcher.spot.im
loader-cdn.azureedge.net
lockerdome.com
medianewsgroup.blueconic.net
metrics-logger.spot.im
nexus.ensighten.com
onescript-recscont.listrakbi.com
p.delivercdn.com
p.kfmlax.com
page.cdnbasket.net
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
pix.spot.im
pixel-sync.sitescout.com
pixel.advertising.com
pixel.wp.com
player.adtelligent.com
player.spotim.market
polyfill.io
prebid-us.creativecdn.com
prod-dfm-proxy-connext.azurewebsites.net
prodmg2.blob.core.windows.net
publisher-assets.spot.im
recirculation.spot.im
rumcdn.geoedge.be
s.go-mpulse.net
s1.listrakbi.com
sb.scorecardresearch.com
scripts.webcontentassessor.com
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
spot-im-d.openx.net
ssum.casalemedia.com
static-cdn.spot.im
static.criteo.net
stats.wp.com
sync.ads.152media.com
sync.search.spotxchange.com
sync.spotim.market
tag.wknd.ai
tattle.api.osano.com
tpc.googlesyndication.com
track1.aniview.com
uploads.denverpost.com
view.cdnbasket.net
www.denverpost.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
ap.lijit.com
bidder.criteo.com
cmp.osano.com
htlb.casalemedia.com
ib.adnxs.com
lockerdome.com
spot-im-d.openx.net
104.108.50.124
104.108.58.15
104.108.64.33
104.26.4.15
107.178.250.234
13.224.102.102
13.224.102.21
13.224.102.52
13.224.102.86
13.224.103.105
13.224.89.166
13.224.89.182
13.224.96.8
13.225.84.48
13.82.152.48
13.85.16.224
130.211.19.253
130.211.47.17
151.101.113.53
151.101.114.217
172.217.18.162
172.217.21.230
172.217.22.98
185.184.10.30
185.255.84.151
185.33.220.241
185.33.221.52
185.64.189.112
185.94.180.126
192.0.66.2
192.0.76.3
192.0.77.2
199.60.103.2
213.174.135.1
213.174.135.2
23.210.249.164
23.210.249.92
23.227.137.155
23.37.42.132
2600:1fa0:c020:281:34db:74f9::
2600:9000:206f:3c00:3:b7e:8940:93a1
2600:9000:2190:5000:c:2267:880:93a1
2600:9000:2190:ec00:4:b37b:9440:93a1
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:233:97b6:26be:138a:cba8:bb01
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200a
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:815::2001
2a00:1450:4001:819::2002
2a00:1450:4001:819::2013
2a00:1450:4001:81a::200a
2a00:1450:4001:820::2001
2a00:1450:4001:820::2004
2a00:1450:4001:821::2002
2a02:2638:1::3
2a02:26f0:6c00:19a::11a6
2a02:26f0:6c00:291::11a6
2a02:26f0:6c00::210:ba20
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:400::621
2a0c:5c81:5026:0:ae1f:6bff:fe5a:4696
2a0c:5c81:5052::2
3.17.209.243
3.88.253.15
34.107.221.36
34.120.207.148
34.120.253.250
34.225.175.99
34.251.61.210
34.95.65.255
34.98.72.95
35.201.86.85
35.227.224.17
35.244.220.155
51.107.59.180
52.0.218.6
52.1.162.64
52.203.214.114
52.207.51.121
52.217.98.4
52.28.239.147
54.160.201.253
54.192.232.170
54.198.41.31
54.80.13.234
62.149.0.72
63.147.65.174
65.9.67.38
66.155.71.150
69.173.144.141
72.247.178.11
72.247.178.33
72.247.178.42
72.247.178.49
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08687d88ebc422f13a006771c948ba493a429e7ca18cd21a53b8abc9c56d5fb0
0895b9bcff73ef694de9672ecceaad056b04b4d6381428d1a7ca79c08f5b56ed
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0ab8bb0bff4647bf446f50e9c09b5081319d875a89635061fbf6c69dc369a26a
0cb121c2b3ff60543105fd6b5baefa3517e2515635407647d023909f496172fe
0d4b6a8f3b8e470fd5830f143130d580ef5919d1b8761cbda43702038892ab9e
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f4ec9b423f653cfb9d1e9b0cd6db63cd134f4426762dee082071a9e2d20ca25
10d066d09cf27504d732f13d784528bddcc63629bb8c2b6c23ed3fae1c090310
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
135383ee0ad73c83af4c9196fd280c542c764ccf6ce383218e657c11a431eb49
182abb62bdb40059dbda691bf6631cf6b471499a85971a5fd04832453d7b4141
186d8db4abc377ab4b51889dd2144960383b7ef8da7fb1372d0fd187d8d00eac
19fc82a8534ba02abc18bebd99ffabf7684d931a3d87198ef0c0ddadc684b587
1b01a53dd60eba9316f309089d0f7d769ce79e9b35856dd5588bc2c04d39ac45
1cc9e0ac0ff231ba3fc0c9c42b40ebcc6c5a3058722ca99eeb0fed41f3efb997
1db3632994c4b0349befef9708623ec0f2583436e0817855e7dbc6cee503a1b1
1dce75d4e25bcc1fcc55050c2aabfe460464f05e90f67f1cefe3fb54fb012309
1e4805959cfd7ddb635dc0336bc4fdcf74ec90cde0eca240efd081c2935ba629
22519c331f98f78a8070a9ed0bac29e412bdfa5a8fee592ef885c94e256bbfab
24b34b67bb853b15a2acceb1a8aa3f8f9553e001ef20b04c0a7815628301c8e5
257c1be96ae69f4b01c2c69bdb6d78605f59175819fb007d0bf245bf48444c4a
2590d66919bcebebcab8820a8e98a672c795c718f39f53d1c62cdd26ced8660b
2616735e4a72622e770658b4837cb2d6258456c3358f8ebec83b1fd88ed93ada
26392c221bad1bf32478ca20c7565489e32074875f7ed72615be36cb56222872
285c8bfcdd64cef21a9fec68980705eb4bd8116beeb8764deafbeaf5cecbe384
2ab2ee6c6698b57f2f3c79839a574a6808197ac57b7fbc6295b1be3ab8a4d279
2b73fa1e440eb874bc2ad5cc05d82e19b7ee59a353e8013c7ec37e2916bdd8a5
2bb2133a02340dfcf536c60236214d414dfcbd9162ffffda0909804a0b5c8fef
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e826d9af287405ebd0dfd43fbd58f3ee502970bb3590771dbef0440d216806b
2f7c27148d0d40433fdc58480eb53706587114517254d6b2318b5b34b36af34d
323075a1922843a6c7f5371bc7fa55500b77944f1268d83461964e3906942141
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
35b2f0b3d5b3e137933923617954edd447ff0eb10d7d44f6ff8a55a9d0d2f5c0
3685c3818240f5f390073c7d04f944a5cb5d848093224f3a7888034e8c050eb4
369a0a9bee9bcd21bd53660799900a66ebbd0a279919b0e2028440d4be7ee64f
36e14c51aae1aebf9430c406541b11d1b6f2c12a13d771cafedc93d4b97063dd
3dc5abd42494c5478a3790a3721fd082077689db3e8a124921b01d0b48c58fa7
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
431fbcbabd6e10d62d7803e60b0111ae8fa99047f3c7ff12593da2a157f6f652
4664f8ecc83b57e3b5d9e7878234b645d3febc234a7e6145c0daa2b8451ca756
486e7061a989cf1c6834390c0fdc9a8d181f9179efe68fe8c35c254ff2d49de6
4907bbcf5f0b81bb78857770341d43e9634c9c9498e637a442771813b7aba010
4c78e1c09099107a82796834fb2f99112c97883053b2fa5565325ed60c672bd1
4d44f0b7afad99a1982df9a35143769afd51a028df9afbd181dce9cb42b8a98b
4d5f2c09a690b52d4d5aacf685ce7e137ef476f335b705223373f6a986bcb287
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
52a86d4b4b4d717c2876cf04c6af2d7ceb7a7d587b749f99ead0b26bca09a3c0
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53c6c96f062c045609d9c40f923d2fb9bc14d7d67b246cf60a94eceff7a8e714
57ba136d3f6f87905ed03272ab2ef977c6fa7f09332a48d54b33a0709ba5171c
59b46a686e590a4543c08b260964e58877806d23668a959b4d2b46898e2a581a
5c764ba1ccecd6b069fa3af48c26616aa22fd6076413d7d3585172ca50df6af4
5d2224ca29d8b6f9b56bff863843287704ffbbc80c9db432229b19e8c803054c
5d37638ca8c572b3a95105601f702819ed42929a00e083bb6779fc79cf226ff5
5e8e5fe8bda51e143511122e4296e652c905e0e7445cad6e3b79365eafaa7f0d
5ed23f980d797bea902aa18ce23428b78abaed0a34a8b812399f18e8f37b2aa7
60ae6a4bb71a75329fc3c3e5616989c9f855c27dbbc9c5c2f1e05523f3fdd579
60e23c4314a7ee70ef63dea783dbd82bdec94cb16e7b2f9f16cd87d69eddb1c4
627c7e9b49b30fbb960cb98a768dea6a9bac5ef49579dd439bf9f277b0e3cb9f
62d9dd790ecf0e613f9675fb2870fc437a39ac6978afdfbad86c92eb0cf2010f
62f586be8571b23584eb4a60a45a3157ff7c8388b1b1e3b4e8890e243b3e47de
6627c5ab36fa407f18fc9b6987e359eccef005ae6d35b370d2142b7daa770324
68c886e13e3f8d1632a3bd2a0572d66f8a69cea1df3fa277ca6504950afe7a11
68db56694a535862ad3cf1a48b77e46792eebc2a8fb5de03536af5225c3872c8
6a52dd58d7afae1b6bb657cbe920e39e8bad4b789b9f7a726bb499ffa34c966b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6e551d131eeec66f83636c0c145ffffc17c1f360d7c983553e1d4b0040ff499e
6eb37b20488927e3fcce743122c1922e6a87a2c6aa3be6c2d5a35e4615bb39a0
6fda9f9bd1fd7d841d00a5a81f0c3c1ead0a1aa207dcc4fc46fb7a0c990aeb7f
7265ff1176257749a6a740d77ba4ef758f675b8e606636baf8c4a1321331aad6
73bab331f32e9f7c9119b041a1e57138effe0d5b675d8830a63f4a61dc505ce3
76d24fe2a04cda554a4f2205582e7e4e0261dee22017e701d6ab78757082f536
76dabcd9465d05cf69f06551b55987cf87b3e0aaa6de109158207c4be55143c7
76db8eaafd56a116fa9f722f596da45b0ef936a6975861fe6b481fe3bccd2398
77eed0056cd7e2c43bfc9c23198628c4a0a396807feb3e97e6b8958d4e25aec1
79297cf1e36e4e293f4c1d0d7a2761cef47e79c6696c56449ea6e6461f0059ab
7936d1418d32945c9bed70884d751c790d2f73163d91c94ca0381837bacb2009
7ae1459d3342efa79e04c534cf0a447e0c2dc68b89bc8f94aa74943e3ff23d11
7b6ba525cf92a2c989611639dd4d593bb898b6a4028d1b385e28fac5a3baf69d
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7db451749b00f969e3891c8a04d4ff6db363eaed48749ddfc6d956e7632fd1d2
8075a7a142a8797313394bdf757c4d028aeea271fff5ed41deeb02b38fa4a66b
80fcbd06bbf276b74b41aa77405ffd52243587afb254d1efa88027c33fbba932
814aeb7e502572c5bd7a51b23b2e6a71c86cffb040621c4fa7dfe11f4a9d4499
834be1b4f54d76d208b8c39a6f039a82077dfefaf4ab90b23c05c3d312550a0b
8431f4973d02bcceeadba217953b9a058dad0b1d958f9ba25f9fccfe95d7ae42
85eb44416cc1c0c3312fc9bf0e6bb210a105a9dab0534cc376529084bebdafdf
867648537d0d4c40c432f51192e4350e420d8787c35cb2cd27ab4ccce74cee27
870fdd4f125f70d7ae5384fa882f0a8f2a592795e511d6ac9af0b1fc332752ca
8716edfd746386aa5c49a0e03af716e21389f30483b1ee0db9be3badb6f9d5f9
884c4cba946fc8a2c5479e4abb423711013a05af259ac7a7a31cafdb9d0e7dd1
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8ae04937b6b02b73852788c552bc016bd0c8deaa219d39b935e03c30bce61b51
8cdc9df7424edf2a019314a902d6433a6976bcda21040cf187bbe30116622675
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
90451ba3e82cd9db02f0ca76bd45d0ab5ef7e90a49da4215903cb7f08471e2e7
90f036d54f7b60cd96d4ee3f09c04957c7ccd5140c1131f7b75d947c02da4b16
911c88016cb7ca3086754b998282fb807dba429f740f05704a0dbc6d3b1c18cc
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
9529e4846128a014cca063f29a81415d01e1c326cfb81969f0d517db5b7e320f
9793005511de088264cc93f17db86dc7f015180f3fd67ee584c956e2c3753598
98c46f91bb0d2b1658a9651e858bb2dcccc58eb337b9b76aa4c357889b648978
9a617ad74b82f44bc7ec6ac1adefd54840009de92c1fa3214e32f5d631027dc9
9c41ba408efaf3a7a36099370bc814e38b0afd42229fa9e0e6040740620c85c0
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9e314a4fc391de1006c05d42d614ed2aabc5a1632c822413351e336842e08898
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
a13f3c3dcb44fb06ebef144bdcab443dfa3caf927312b3b2273f209c5ac69723
a2a8b48415cbae7e8cd24426b36c823726c634ad4b9a1eddac7f8c2a27012590
a2d901cca4fffbae43e7ba04da2a3332d9389493d008a90fc0f2705a500d1f46
a326b2c6a86790765d328c376b840ff9b5ada7314fe625e268f7a75cb6d76c75
a36a064a814fccc47471689efa2d0828f15f5035210044696f4cc118f29e46a5
a7193b4a580e14658a91dd634cc0ef32ebccae115e311886a993b5e07ca5102d
a7cdda380c16b607ff32de8509e79209a1675b1e0a88643570040366249fcf8e
a933c89b2505034026bcb7ef5e61486c81fe28a4b1c55e893965e61d6a9cce1c
a983ad51efe8436d7838208f6bf22878e7b271ead555e87136ddf76ff917db61
aaecd144d2b8763b2fa5c91f09778294363cef363c10504205f4203922644d11
abd7f3961a0bbdfd9823fa142302d437c7181f22b58864f98b01d932f5f8684b
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b003b4bb9f910d93e4f42f609cc96dff2fe12888d3caaf9dea8b17c6b0901c9a
b1187995a6a31ed3a06d13bae8d36edcc63782f5764897a5a62703d2d6cb840c
b14701931e145ec735d777345c0ece29b81ffcd16d3faa1157e66b203422b42a
b1b87559ce34030ea79b41e9b7e03c709aa204d626d2a84af70e166e0c85ae32
b35b2be4ec32c5e6207efcb232e5a61c1235a81e1a770c0467e24340c9b55415
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b4c142fe4847fcb3771d185abeca6a24145dc26e2185b02d8b7288ba505abc82
b790e0e178dbeece1b700c81d1bbce2f12f3d6bd41a8c728b7ed5674e4c54e13
b7ad0804b9b70dc7ce4fe127a9eacad4a75d7918759ce8d47a88bf574b0a2ed5
b89869c69a0a9dff0bf334cbbe511c2c8aaafc1d64f9f4a1507699212dcdcccb
b95b7840dd4e76f60f9b3d9c3a7dcff21135b740611568ab4044853964694fec
baf04ff369a96d4bb7228e99a65163de20845bf23826295dd3471afd3cee9ee5
bcef5f4b2cd26bcee39e750e042a629af71e04bd3f591bcdd75bf969d45bccbf
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
bd33ffebb82d0e70371aedd27d79a993c98b29fb0d5e3d8c99c376cc9d57414d
bedd1d8dae422fb1a6366f3ab4f2f556bc61cba7171af40662ca80a710e14234
c074da4fbf0575ebc8ef7221e0d7748b97ec7cda5b8b43de7506be913800557a
c12ad48662df927beeef1d9e57a7e9e8055ea2c578cedc962441858481879656
c3cf6b27b670f815b99dd0213928c7cb69f4af0a50e237e24e1c2b0b7b0d88f6
c5ba89766067fcb53558dff3208b4fe427dafacb18b42d9e748bb76fd9884c8b
c8cb742dbb60decab090cf738bfef2d8a780141573e9a2a3854bf3f78919faed
c91e2af7df1a9d8a403108592949a68b78ccbb50c38561aeb4cd1d107ebed276
c9438bf6c7a6122ea18edeb717850798c337311b634d1ab61c374f5e92e08a2a
c9afd43fdd55149ce4095d4755bc6f9c18148b9823ff0bdb8719920e9b3689e0
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cca29113cd10c5921e1f09aa4a3f224b50a2dd4b0937222de5dd0a759f164ea1
cca8adf06f9a3f619c20df56302170ecc928c4f3f54c82b6765fb6e2a2e4919f
cdc896b90d2fe7be561b62ba541584a2505aabc80a8f5e14180b61c60bfa9432
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf6325a39372b1807ddab19a616181ec30db1eb8960ee8bf86d50cc92c1c60d8
d09e06781c7912d734e3626706742a4052e41c1614a21e05f085213764700dec
d16858f057b587a1f2c36ab965d15872711796ff79c2520fd84003fd8d303f2f
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d3110f199d22d9d122a62c288cca3b3c80edccdb2979c02bcbfa0602a7b88039
d55ea5e4e837c0fc271ecc5fa3500b8d6c283bef9fcea0e1c9f58e5249568fc3
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d82439f1cc267511ad24334015165ee5a382a7e6ba8164d6de02404664be324a
d8367202cbdf6d9122d43ac2b69a31aca40c9b5a9219894891a78f5fd63898ca
d863a47b3033692aa415151ecf5350f2c83ddbc984cac07e774df97ccddc0975
d9f2778c47db32b56109a39c8c3393b7e213095aa043df32153367708a50dcd0
da676d4b5954b3c4c7c170151b9750e4289b4325caf7a92736d96a7f5d8394a0
da9002923af8cb51f30fcf38f9a6d4836d59cd8f77b8387652f21eb9a0273804
dde5dcb02f349d5cd1f36d6afe709ddfd5713b27129dbae727f456cde6582883
deb10458d1857757ff3e3539a7f16c22125c8cac0fc88a541958228d841aecd0
e175230f4b01fe10db90b19b9893d3ee21f6cca46da1aca166983aff7ff6fc7d
e2729d784506f6776f8b94c8046ee6a7b2eb409d48f26c9c6609bfa3e64bdfe4
e2db0db0492984419389e4bfeca236bbbe527cd3ffcd626fab71d156a3b8a3bf
e36c7ea599f1f0c2c2eab3832e151605e0d86c04ce9bf63688ba75414aa5524c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e4fb9ec457f5cd0e37f85568514d1554a70269c025f082921d24b851e55f175d
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e5484e32e75103eddb9c2a422c43c74b6323d90cf438d5f4e09271d6e4c982
e6663a15ba588e2aefc9628eaa5755e740f7a31c3caff63430d14248f53281ff
e725f24120d6f9c0523d6dbf68876df32ffb2e17d08334beacdaac05d39e2977
e7f029ecf0a7e7531e5275c903bfdff12dc144ee767aea3603965d9cbbc98b33
eee5613d4b9ac3edb6c2c077c33e5581ba17109038e562c907d0eb4b24f10e58
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f000df796debd07faa29d809c48dee602de4144bec3dc1384e58da1ab5ac21cd
f27b4cdbd821100765224a52c7c8d544fa9fdd6d0aba21015eb66c11735e0989
f300e3e74fd9be18039e3869d57d0e12e42f53a5ca542a14e75b459e1252af80
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4273d1ea3b52e8569b674627874e66e4807ae16e7eb16ac770863a68d23753f
f73eb3f58480204fb870966c8f80760bfed6205ea8d28f5774ece87037b5d49e
f8055ce309652266d3e3930cdb3b624fa03263a362e03976fd83bc6f7bdf9222
f883ac1ff4bb4a60ccf481ff2f9231b07dcb0bb82c64b8c6f96f5b91e152da9c
fa266a03f44fb0e6632bf588915b9a5f3447fec5cad3e198f250685bab7214dc

www.denverpost.com 192.0.66.2 Public Scan Open in urlscan Pro

Internal

Effective Hostname

Submitted URL

Effective URL Pivot

Effective IP

Summary

urlscan.io Verdict: No classification

Domain & IP information

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

ASN Lookup

IP Lookup

www.denverpost.com
192.0.66.2 Public Scan Open in urlscan Pro