ktla.com Open in urlscan Pro
192.0.66.128 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operat...
Submission: On July 25 via manual (July 25th 2023, 6:29:11 am UTC) from US — Scanned from US

Summary HTTP 118 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 2 countries across 30 domains to perform 118 HTTP transactions. The main IP is 192.0.66.128, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is ktla.com. The Cisco Umbrella rank of the primary domain is 60333.
TLS certificate: Issued by R3 on June 1st 2023. Valid for: 3 months.

This is the only time ktla.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3	192.0.66.128 192.0.66.128	2635 (AUTOMATTIC) (AUTOMATTIC)
26	2607:f8b0:400... 2607:f8b0:4006:816::2001	15169 (GOOGLE) (GOOGLE)
1	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
3	2607:f8b0:400... 2607:f8b0:4006:824::2003	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:80d::2003	15169 (GOOGLE) (GOOGLE)
4	173.223.57.118 173.223.57.118	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2607:f8b0:400... 2607:f8b0:4006:80c::2002	15169 (GOOGLE) (GOOGLE)
8	34.107.213.183 34.107.213.183	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	108.138.126.121 108.138.126.121	16509 (AMAZON-02) (AMAZON-02)
1	44.240.52.117 44.240.52.117	16509 (AMAZON-02) (AMAZON-02)
2	104.19.149.54 104.19.149.54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.1.200.9 52.1.200.9	14618 (AMAZON-AES) (AMAZON-AES)
1 2	18.164.96.18 18.164.96.18	16509 (AMAZON-02) (AMAZON-02)
1 1	100.21.234.211 100.21.234.211	16509 (AMAZON-02) (AMAZON-02)
1	18.211.18.109 18.211.18.109	14618 (AMAZON-AES) (AMAZON-AES)
1	100.24.76.129 100.24.76.129	14618 (AMAZON-AES) (AMAZON-AES)
1	35.241.9.51 35.241.9.51	15169 (GOOGLE) (GOOGLE)
1	68.67.179.87 68.67.179.87	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.107.254.252 34.107.254.252	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
7	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
19	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2620:100:a001::c 2620:100:a001::c	19750 (AS-CRITEO) (AS-CRITEO)
3	23.199.49.95 23.199.49.95	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:80d::200a	15169 (GOOGLE) (GOOGLE)
3 8	23.201.24.168 23.201.24.168	16625 (AKAMAI-AS) (AKAMAI-AS)
1	141.226.124.48 141.226.124.48	200478 (TABOOLA-AS) (TABOOLA-AS)
2	2607:f8b0:400... 2607:f8b0:4006:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.72.98 142.250.72.98	15169 (GOOGLE) (GOOGLE)
2 2	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1 1	74.119.119.150 74.119.119.150	19750 (AS-CRITEO) (AS-CRITEO)
1 1	2600:1f18:4e9... 2600:1f18:4e9:5a01:7b32:ed2c:a71c:1e11	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.229.3.43 34.229.3.43	14618 (AMAZON-AES) (AMAZON-AES)
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	60068 (CDN77 ^_^) (CDN77 ^_^)
1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	13.225.214.50 13.225.214.50	16509 (AMAZON-02) (AMAZON-02)
1	52.71.200.83 52.71.200.83	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.236.118 34.193.236.118	14618 (AMAZON-AES) (AMAZON-AES)
1	100.24.249.94 100.24.249.94	14618 (AMAZON-AES) (AMAZON-AES)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2003	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:81f::2002	15169 (GOOGLE) (GOOGLE)
118	37

3 192.0.66.128 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

ktla.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2607:f8b0:4006:816::2001 (Stony Point, United States)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

d-3786596282526573553.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:80d::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

3p.ampproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 173.223.57.118 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-118.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80c::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.107.213.183 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 183.213.107.34.bc.googleusercontent.com

nexstar.amp.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 108.138.126.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-126-121.jfk50.r.cloudfront.net

aax.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.240.52.117 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.19.149.54 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.1.200.9 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-1-200-9.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.96.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-18.jfk50.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.21.234.211 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-100-21-234-211.us-west-2.compute.amazonaws.com

uaid-linkage.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.211.18.109 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-211-18-109.compute-1.amazonaws.com

5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.76.129 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-76-129.compute-1.amazonaws.com

cloudapi.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.9.51 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 51.9.241.35.bc.googleusercontent.com

3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.67.179.87 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.254.252 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 252.254.107.34.bc.googleusercontent.com

api.permutive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:820::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.199.49.95 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-199-49-95.deploy.static.akamaitechnologies.com

t.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80d::200a (Stony Point, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.201.24.168 (New York, United States) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-24-168.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.124.48 (Chicago, United States)

ASN200478 (TABOOLA-AS, IL)

ch-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:80b::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.72.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s32-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.223.40.198 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 74.119.119.150 (United States) 1 redirects

ASN19750 (AS-CRITEO, US)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:4e9:5a01:7b32:ed2c:a71c:1e11 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.229.3.43 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (New York, United States)

ASN60068 (CDN77 ^_^, GB)

load77.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.214.50 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-214-50.ewr50.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.200.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-200-83.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.236.118 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-236-118.compute-1.amazonaws.com

sync.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 100.24.249.94 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-249-94.compute-1.amazonaws.com

bob.dmpxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2003 (Stony Point, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:81f::2002 (Stony Point, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 879 trc.taboola.com — Cisco Umbrella Rank: 611 ch-trc-events.taboola.com — Cisco Umbrella Rank: 3811 images.taboola.com — Cisco Umbrella Rank: 1806	663 KB
15	teads.tv 3 redirects a.teads.tv — Cisco Umbrella Rank: 1460 t.teads.tv — Cisco Umbrella Rank: 2468 sync.teads.tv — Cisco Umbrella Rank: 1361	267 KB
15	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 438	241 KB
13	googlesyndication.com 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153 pagead2.googlesyndication.com — Cisco Umbrella Rank: 134	78 KB
11	permutive.com nexstar.amp.permutive.com — Cisco Umbrella Rank: 48976 cdn.permutive.com — Cisco Umbrella Rank: 2738 api.permutive.com — Cisco Umbrella Rank: 2013	266 KB
9	doubleclick.net 1 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	114 KB
7	ampproject.net d-3786596282526573553.ampproject.net 3p.ampproject.net — Cisco Umbrella Rank: 6707	36 KB
4	amazon-adsystem.com aax.amazon-adsystem.com — Cisco Umbrella Rank: 460	2 KB
3	exelator.com 2 redirects loadm.exelator.com — Cisco Umbrella Rank: 1671 load77.exelator.com — Cisco Umbrella Rank: 4097	2 KB
3	imrworldwide.com 1 redirects uaid-linkage.imrworldwide.com — Cisco Umbrella Rank: 31085 5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com cloudapi.imrworldwide.com — Cisco Umbrella Rank: 19116	934 B
3	ktla.com ktla.com — Cisco Umbrella Rank: 60333	241 KB
2	gstatic.com www.gstatic.com fonts.gstatic.com	48 KB
2	adsrvr.org 2 redirects match.adsrvr.org — Cisco Umbrella Rank: 384	936 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	113 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
2	criteo.com 1 redirects gum.criteo.com — Cisco Umbrella Rank: 437 dis.criteo.com — Cisco Umbrella Rank: 607	820 B
2	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	1002 B
1	dmpxs.com bob.dmpxs.com — Cisco Umbrella Rank: 10773	255 B
1	springserve.com sync.springserve.com — Cisco Umbrella Rank: 3325	206 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 639	338 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 538	656 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 428
1	bluekai.com tags.bluekai.com — Cisco Umbrella Rank: 665	498 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470	598 B
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 244	581 B
1	prmutv.co 3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co — Cisco Umbrella Rank: 22760	224 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1215	201 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1078	166 B
1	google.com adservice.google.com — Cisco Umbrella Rank: 117	477 B
1	wp.com pixel.wp.com — Cisco Umbrella Rank: 2531	126 B
118	30

	Domain	Requested by
15	cdn.ampproject.org	ktla.com cdn.ampproject.org
12	images.taboola.com
8	tpc.googlesyndication.com	474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
8	sync.teads.tv	3 redirects a.teads.tv sync.teads.tv
8	nexstar.amp.permutive.com	cdn.ampproject.org
7	securepubads.g.doubleclick.net	cdn.ampproject.org 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com www.googletagservices.com
5	cdn.taboola.com	3p.ampproject.net d-3786596282526573553.ampproject.net cdn.taboola.com
4	aax.amazon-adsystem.com	cdn.ampproject.org
4	a.teads.tv	cdn.ampproject.org 3p.ampproject.net a.teads.tv
4	3p.ampproject.net	cdn.ampproject.org d-3786596282526573553.ampproject.net
3	t.teads.tv	d-3786596282526573553.ampproject.net
3	474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com	cdn.ampproject.org
3	d-3786596282526573553.ampproject.net	cdn.ampproject.org
3	ktla.com	ktla.com
2	pagead2.googlesyndication.com	ktla.com www.googletagservices.com
2	loadm.exelator.com	2 redirects
2	match.adsrvr.org	2 redirects
2	cm.g.doubleclick.net	1 redirects sync.teads.tv
2	www.googletagservices.com	474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
2	fonts.googleapis.com	cdn.ampproject.org 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
2	trc.taboola.com	cdn.taboola.com
2	sb.scorecardresearch.com	1 redirects
2	cdn.permutive.com	nexstar.amp.permutive.com cdn.permutive.com
1	fonts.gstatic.com	fonts.googleapis.com
1	www.gstatic.com	474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
1	bob.dmpxs.com	474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
1	sync.springserve.com	sync.teads.tv
1	beacon.krxd.net	sync.teads.tv
1	aa.agkn.com	sync.teads.tv
1	idsync.rlcdn.com	sync.teads.tv
1	tags.bluekai.com	sync.teads.tv
1	load77.exelator.com	sync.teads.tv
1	pr-bh.ybp.yahoo.com	1 redirects
1	dis.criteo.com	1 redirects
1	ch-trc-events.taboola.com
1	gum.criteo.com	cdn.taboola.com
1	api.permutive.com	cdn.permutive.com
1	ib.adnxs.com	cdn.permutive.com
1	3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co	cdn.permutive.com
1	cloudapi.imrworldwide.com
1	5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com
1	uaid-linkage.imrworldwide.com	1 redirects
1	ping.chartbeat.net
1	api.segment.io
1	adservice.google.com	cdn.ampproject.org
1	pixel.wp.com	ktla.com
118	46

This site contains links to these domains. Also see Links.

Domain
www.justice.gov

Subject Issuer	Validity	Valid
ktla.com R3	`2023-06-01` - `2023-08-30`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.wp.com Sectigo ECC Domain Validation Secure Server CA	`2022-11-14` - `2023-12-15`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.amp.permutive.com R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01	`2023-03-16` - `2024-03-08`	a year	crt.sh
*.segment.io Amazon RSA 2048 M01	`2023-02-10` - `2024-02-10`	a year	crt.sh
permutive.com Cloudflare Inc ECC CA-3	`2023-01-26` - `2024-01-25`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2022-12-19` - `2023-12-30`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.prmutv.co R3	`2023-06-06` - `2023-09-04`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
api.permutive.com R3	`2023-06-17` - `2023-09-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-09-06` - `2023-09-21`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.dmpxs.com Amazon RSA 2048 M01	`2023-02-28` - `2024-01-07`	10 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
Frame ID: 3FD3CD9C33A527649594C46502D0FB3D
Requests: 47 HTTP requests in this frame

Frame: https://nexstar.amp.permutive.com/amp-iframe.html?project=3a6b0682-f3e1-4576-a706-5eb4101b9cc3&key=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Frame ID: 3DD3D3DD0FA01E4DBB00F2583B6E3FFC
Requests: 8 HTTP requests in this frame

Frame: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Frame ID: 762A35660B640B90B41210D33F7B589F
Requests: 8 HTTP requests in this frame

Frame: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Frame ID: B0D48C158E83070805891D5EE3CB12A2
Requests: 23 HTTP requests in this frame

Frame: data://truncated
Frame ID: 11CD52236DB3D7C68E909D6267FD49F3
Requests: 1 HTTP requests in this frame

Frame: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Frame ID: 3A9904FF387B1DC0F27A1752E73DF7AA
Requests: 12 HTTP requests in this frame

Frame: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 04A389FD88EE5B83CA03EB142E72EAE9
Requests: 8 HTTP requests in this frame

Frame: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Frame ID: 127A175FEB55047964392538BD8BBA67
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js
Frame ID: 50BC86D37AC6837229A92D3063235F43
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

NASA employee admits to COVID-19 fraud to fund illegal cannabis cultivation

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Lightbox (JavaScript Libraries) Expand

Page Statistics

118
Requests

91 %
HTTPS

29 %
IPv6

30
Domains

46
Subdomains

37
IPs

2
Countries

2075 kB
Transfer

6844 kB
Size

30
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.justice.gov/disaster-fraud/ncdf-disaster-complaint-form
Title: online

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://sb.scorecardresearch.com/p?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&c7=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&c9=&cs_c7amp=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&comscorekw=amp HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&c7=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&c9=&cs_c7amp=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&comscorekw=amp

Request Chain 35

https://uaid-linkage.imrworldwide.com/cgi-bin/gn?prd=session&c13=asid,P8011D710-FB5F-4467-95AF-25731737F2EF&sessionId=amp-xF7eZTEhJdDp-l11RZ_Icg_2646&pingtype=4&enc=false&c61=createtm,1690266544742&rnd=0.6521127789074208 HTTP 302
https://5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com/capi?url=

Request Chain 77

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1

Request Chain 78

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://sync.teads.tv/um?eid=22&uid=0a438c29-0da2-460a-80f0-898143f551c4&gdpr=0&gdpr_consent=

Request Chain 79

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://sync.teads.tv/um?fp=1&eid=80&uid=745e32ad-29c8-474d-a43b-443d2f2e89ab&gdpr=0&gdpr_consent=

Request Chain 80

https://pr-bh.ybp.yahoo.com/sync/teads/cd3c203d-602f-4257-92c8-49a7fceca255?gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://sync.teads.tv/um?eid=132&uid=y-V9C095JE2oSOuX0hlF_UuYg8Ebyxz4Ez33o-~A

Request Chain 81

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=cd3c203d-602f-4257-92c8-49a7fceca255_us_us&gdpr_consent=&_t=1690266546298 HTTP 302
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=cd3c203d-602f-4257-92c8-49a7fceca255_us_us&gdpr_consent=&_t=1690266546298&xl8blockcheck=1 HTTP 302
https://load77.exelator.com/pixel.gif

Request Chain 86

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://sync.springserve.com/usersync?aid=1000024&uuid=cd3c203d-602f-4257-92c8-49a7fceca255

Request Chain 87

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_consent=&_t=1690266546298 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1 HTTP 302
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

118 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/ 35 KB
10 KB 20ms
3ms Document
text/html 192.0.66.128
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.128 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx / WordPress VIP <https://wpvip.com>
Resource Hash: ca7a3967ff9651151a28b3a5f270a56cde8283eb40a6686467183ba9f8fc829d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 351
cache-control: private, no-store
content-encoding: gzip
content-length: 9847
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 06:29:04 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://ktla.com/wp-json/>; rel="https://api.w.org/" <https://ktla.com/wp-json/wp/v2/posts/2489039>; rel="alternate"; type="application/json" <https://ktla.com/?p=2489039>; rel=shortlink
server: nginx
x-cache: hit
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: jfk2 85 187 443

GET
H2 200 v0.js Show response
cdn.ampproject.org/ 277 KB
71 KB 44ms
26ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72888
x-xss-protection: 0
server: sffe
etag: "03bc649404a9850f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3000, stale-while-revalidate=1206600
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jul 2023 06:29:04 GMT

GET
H2 200 amp-ad-0.1.js Show response
cdn.ampproject.org/v0/ 82 KB
24 KB 38ms
20ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-ad-0.1.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23120
x-xss-protection: 0
server: sffe
etag: "13e27c5c3e81d26b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jul 2023 06:29:04 GMT

GET
H2 200 amp-sticky-ad-1.0.js Show response
cdn.ampproject.org/v0/ 40 KB
10 KB 40ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-sticky-ad-1.0.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10347
x-xss-protection: 0
server: sffe
etag: "59414361c8ed98c7"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jul 2023 06:29:04 GMT

GET
H2 200 amp-analytics-0.1.js Show response
cdn.ampproject.org/v0/ 110 KB
31 KB 46ms
29ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-analytics-0.1.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32104
x-xss-protection: 0
server: sffe
etag: "fc5a7023b69babf1"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jul 2023 06:29:04 GMT

GET
H2 200 amp-iframe-0.1.js Show response
cdn.ampproject.org/v0/ 25 KB
9 KB 39ms
21ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/v0/amp-iframe-0.1.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

342fa2269b0fe46d405b331bec919aa9e92b0caf56b784e9591091f73a8cfe91

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8931
x-xss-protection: 0
server: sffe
etag: "f61f908a379f0977"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=604800, stale-while-revalidate=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 25 Jul 2023 06:29:04 GMT

GET
DATA 200
OK truncated
/ 84 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 265b35d7c4b4b654a3104411cac5b64289bda6794a40acad59e2acc07e6923a6

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 favicon.png
ktla.com/wp-content/uploads/sites/4/2020/01/ 1 KB
1 KB 4ms
3ms Image
image/webp 192.0.66.128
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktla.com/wp-content/uploads/sites/4/2020/01/favicon.png?w=32
Requested by: Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.128 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 672b995d583a6ee58d04fdf327d676ae2b4299092a5201e269774bd0d3d7c0ca

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
x-rq: jfk2 102 117 443
last-modified: Sat, 06 May 2023 03:11:09 GMT
server: nginx
etag: "d95459b50206da6d"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1048

GET
H2 200 GettyImages-1138499981.jpg
ktla.com/wp-content/uploads/sites/4/2023/06/ 230 KB
230 KB 5ms
4ms Image
image/webp 192.0.66.128
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ktla.com/wp-content/uploads/sites/4/2023/06/GettyImages-1138499981.jpg?resize=1080,720
Requested by: Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.66.128 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bcbc4b8f648abcf614e8e01e6fee71a9a91bbd38443e515eb527a91979dce06

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
x-rq: jfk2 98 228 443
last-modified: Tue, 25 Jul 2023 01:41:19 GMT
server: nginx
etag: "d845aebb63d0190b"
vary: Accept
x-cache: HIT
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 235206

GET
H3 200 amp-auto-lightbox-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 8 KB
3 KB 19ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-auto-lightbox-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 11:53:16 GMT
age: 239748
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2966
x-xss-protection: 0
server: sffe
etag: "4e4cebbab06b5f09"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 11:53:16 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
126 B 21ms
2ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A11.4&blog=171039071&post=2489039&tz=-7&srv=ktla.com&host=ktla.com&rand=0.33492669880241466&ref=
Requested by: Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 06:29:04 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H3 200 amp-loader-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 12 KB
4 KB 4ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-loader-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 17:45:13 GMT
age: 305031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3939
x-xss-protection: 0
server: sffe
etag: "21ee47434b69c418"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jul 2024 17:45:13 GMT

GET
H3 200 amp-ad-network-doubleclick-impl-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 239 KB
63 KB 5ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-doubleclick-impl-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a43b9d216d5728ec7a1d9c4d8cc24ab230e88e0f9ac050cce915612ab631432

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 13:48:20 GMT
age: 232844
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64641
x-xss-protection: 0
server: sffe
etag: "86e75884132b5d7c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 13:48:20 GMT

GET
H2 200 frame.html
d-3786596282526573553.ampproject.net/2307052224000/ 0
0 64ms
21ms Other
text/html 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:824::2003 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 teads.js
3p.ampproject.net/2307052224000/vendor/ 27 KB
9 KB 41ms
6ms Other
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2307052224000/vendor/teads.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be40087e4a6c4ccb2ffc814fe83bd24a3e76fa267fb60ec0d8ec317228bb4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 271054
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 18:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 03:11:30 GMT

GET
H2 200 teads-format.min.js
a.teads.tv/media/format/v3/ 599 KB
131 KB 51ms
5ms Other
text/javascript 173.223.57.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4d6a95e8dd6252c30717fa715d5007ea4c15aa078b6eea84fd74eb8ea5f3310

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 09:08:01 GMT
x-amz-request-id: 1ZVPBMFFK4ADZCCR
etag: "3d22c2849c50b446789dabd396cb91fc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 5
accept-ranges: bytes
content-length: 133767
x-amz-id-2: zLiWRM+h+SBvezpEdEWeazlUbdpdOMZBgLPIuXUIZwQN0IjQID21832rN880gQ5PFsL/NieMssg=
expires: Tue, 25 Jul 2023 06:59:04 GMT

GET
H2 200 taboola.js
3p.ampproject.net/2307052224000/vendor/ 27 KB
9 KB 36ms
4ms Other
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2307052224000/vendor/taboola.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3693c4f22cf371a66d7a0934dc60c49866b423a99130387ab07807c90ce41bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214031
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8886
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 19:01:53 GMT

GET
H2 200 integrator.json Show response
adservice.google.com/adsid/ 86 B
477 B 44ms
23ms Fetch
application/json 2607:f8b0:4006:80c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.json?domain=ktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80c::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://ktla.com
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 83
x-xss-protection: 0

GET
H2 200 rtc Show response
nexstar.amp.permutive.com/ 31 B
94 B 143ms
82ms Fetch
application/json 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexstar.amp.permutive.com/rtc?type=doubleclick&__amp_source_origin=https%3A%2F%2Fktla.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1758e90b6096391cb69e5ee54740e0c257885eff292eecec9eb0278d0dc4e1b3

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
amp-access-control-allow-source-origin: https://ktla.com
server: nginx
content-type: application/json
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31

GET
H2 200 rtc Show response
nexstar.amp.permutive.com/ 31 B
189 B 139ms
81ms Fetch
application/json 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexstar.amp.permutive.com/rtc?type=doubleclick&__amp_source_origin=https%3A%2F%2Fktla.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1758e90b6096391cb69e5ee54740e0c257885eff292eecec9eb0278d0dc4e1b3

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
amp-access-control-allow-source-origin: https://ktla.com
server: nginx
content-type: application/json
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31

GET
H2 200 rtc Show response
nexstar.amp.permutive.com/ 31 B
94 B 141ms
82ms Fetch
application/json 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexstar.amp.permutive.com/rtc?type=doubleclick&__amp_source_origin=https%3A%2F%2Fktla.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1758e90b6096391cb69e5ee54740e0c257885eff292eecec9eb0278d0dc4e1b3

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
amp-access-control-allow-source-origin: https://ktla.com
server: nginx
content-type: application/json
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
544 B 286ms
243ms Fetch
application/json 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3410&pubid=PUB_UUID&amp=1&u=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&slots=%5B%7B%22sd%22%3A%22%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia%22%2C%22s%22%3A%5B%22320x50%22%5D%2C%22ms%22%3A%22320x50%22%7D%5D&pj=%7B%22amp%22%3A%221%22%7D&gdprc=&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-126-121.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://ktla.com
server: Server
x-amz-rid: 75R8SEND4A3YMBM6J1X2
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: 07ODSAIVAvSvhdKXYtjsIdUbSrBxUs0VTW88g9QIvoiS92ljvA20BA==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
545 B 305ms
263ms Fetch
application/json 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3410&pubid=PUB_UUID&amp=1&u=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&slots=%5B%7B%22sd%22%3A%22%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22ms%22%3A%22300x250%22%7D%5D&pj=%7B%22amp%22%3A%221%22%7D&gdprc=&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-126-121.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://ktla.com
server: Server
x-amz-rid: ATJ6MM4FD4PYYKVCH3TH
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: lvUmgR7OLSQhLAKn6ISUSikN3MlI9ND7J8XeYxJPzfSrqeDIZrJevw==

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
544 B 342ms
300ms Fetch
application/json 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax.amazon-adsystem.com/e/dtb/bid?src=3410&pubid=PUB_UUID&amp=1&u=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&slots=%5B%7B%22sd%22%3A%22%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22ms%22%3A%22300x250%22%7D%5D&pj=%7B%22amp%22%3A%221%22%7D&gdprc=&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-126-121.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://ktla.com
server: Server
x-amz-rid: CT64GCYZ96BW0K84FXJK
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: 3Qr3tNenTNrh6dAHrTRT3nk5rdSJnDD0xzrTgqIHRn9n6xwxnTfVLg==

GET
H2 200 amp-iframe.html Show response
nexstar.amp.permutive.com/ Frame 3DD3 725 B
702 B 128ms
80ms Document
text/html 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexstar.amp.permutive.com/amp-iframe.html?project=3a6b0682-f3e1-4576-a706-5eb4101b9cc3&key=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-iframe-0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 4364c5beedd0ad6b3fa73f64d3bcd58a80c52979612eb794475dc149f097250a

Request headers

Referer: https://ktla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 06:29:04 GMT
server: nginx
vary: Accept-Encoding Origin
via: 1.1 google

GET
H2 200 rtc Show response
nexstar.amp.permutive.com/ 31 B
94 B 105ms
81ms Fetch
application/json 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://nexstar.amp.permutive.com/rtc?type=doubleclick&__amp_source_origin=https%3A%2F%2Fktla.com
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 1758e90b6096391cb69e5ee54740e0c257885eff292eecec9eb0278d0dc4e1b3

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
amp-access-control-allow-source-origin: https://ktla.com
server: nginx
content-type: application/json
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31

GET
H2 200 bid Show response
aax.amazon-adsystem.com/e/dtb/ 16 B
546 B 216ms
205ms Fetch
application/json 108.138.126.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.126.121 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-126-121.jfk50.r.cloudfront.net

Software

Server /

Resource Hash

d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c73892d3f4de40363aa07fd58a00ea50.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P4
x-cache: Miss from cloudfront
content-length: 16
amp-access-control-allow-source-origin: https://ktla.com
server: Server
x-amz-rid: Q5350QK6JYE8PMETV537
vary: Accept-Encoding,User-Agent
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
access-control-allow-credentials: true
timing-allow-origin: *
x-amz-cf-id: JCD1vX0QyaR7fyJ1ExJNFlwyeYI44x7ZS4xQXoEP2ffKYVv1zevSJQ==

GET
H3 200 permutive.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 1 KB
495 B 5ms
4ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/permutive.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95c0c4a5c130416dc7d9fb76e4c65201429a0fe8f00e763fb325fe8c437f6612

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 13:19:18 GMT
age: 234586
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 465
x-xss-protection: 0
server: sffe
etag: "b8b55baebc3978d8"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 13:19:18 GMT

GET
H3 200 chartbeat.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 942 B
457 B 9ms
8ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/chartbeat.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee1f6e4fa5f44a944a23f3f894b45a5a7f321bb85db9e26a9523fb27b4e4d7b6

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 17:55:02 GMT
age: 304442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 427
x-xss-protection: 0
server: sffe
etag: "3f35f7ce8db6d8eb"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jul 2024 17:55:02 GMT

GET
H3 200 comscore.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 559 B
311 B 10ms
9ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/comscore.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 11:35:43 GMT
age: 240801
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
server: sffe
etag: "371839488b00660b"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 11:35:43 GMT

GET
H3 200 nielsen.json Show response
cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/ 1 KB
558 B 7ms
6ms Fetch
application/json 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/analytics-vendors/nielsen.json

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f4a932f340e5ef9be76dcff895116b4f8f8f6e8a71138cf62c7e51c3687e96

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: application/json
Referer: https://ktla.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 07:57:40 GMT
age: 253884
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 528
x-xss-protection: 0
server: sffe
etag: "1e1ed818eee6e582"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 07:57:40 GMT

GET
H2 200 page
api.segment.io/v1/pixel/ 42 B
166 B 271ms
90ms Image
image/gif 44.240.52.117
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://api.segment.io/v1/pixel/page?writeKey=oQ5JpLEBz0LFGpLV2DhGEAkBHoRpJnyX&context.library.name=amp&anonymousId=amp-jCPaO2l6YZJHH0f-Husqsg&context.locale=en-us&context.page.path=%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&context.page.url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&context.page.referrer=&context.page.title=NASA%20employee%20admits%20to%20defrauding%20COVID-19%20programs%20to%20fund%20illegal%20weed%20operation&context.screen.width=1600&context.screen.height=1200&name=NASA%20employee%20admits%20to%20defrauding%20COVID-19%20programs%20to%20fund%20illegal%20weed%20operation&properties.call_sign=KTLA&properties.client_id=amp-jCPaO2l6YZJHH0f-Husqsg&properties.content_id=nxstrib-4-article-2489039&properties.local_id=nxstrib-4-article-2489039&properties.content_title=NASA%20employee%20admits%20to%20defrauding%20COVID-19%20programs%20to%20fund%20illegal%20weed%20operation&properties.content_type=amp&properties.content_source=Nexstar&properties.domain_name=ktla.com&properties.full_url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&properties.image_count=0&properties.modification_timestamp_local=2023-07-24T18%3A06%3A30-07%3A00&properties.page_author=Travis%20Schlepp&properties.page_author_non_byline=&properties.page_type=amp&properties.paragraph_count=11&properties.platform=AMP&properties.post_id=2489039&properties.primary_category=California&properties.primary_category_id=427614841&properties.publish_date=07%2F24%2F2023&properties.publish_timestamp_UTC=2023-07-24T18%3A06%3A29-07%3A00&properties.referral_source=&properties.referrer=&properties.site_name=KTLA&properties.time_zone=Etc%2FUnknown&properties.title=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&properties.tracking_id=&properties.unique_pageview_id=_6tu4V1WThoJ729B54wVSA&properties.userAgent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&properties.word_count=345&properties.word_count_range=301%20-%20400&properties.wp_categories=California&properties.wp_categories=Local%20News&properties.wp_categories=News&properties.wp_categories_stringified=California%2CLocal%20News%2CNews&properties.wp_topics_stringified=&properties.data_source=amp&properties.segment_schema_name=seg_ktla_com_amp&properties.subcategory1=&properties.subcategory2=&properties.meta_keywords=&properties.initial_creator=Travis%20Schlepp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.240.52.117 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-240-52-117.us-west-2.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
cache-control: no-cache, max-age=0
strict-transport-security: max-age=31536000
content-length: 42
content-type: image/gif

GET
H2 200 3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js Show response
cdn.permutive.com/ Frame 3DD3 811 KB
205 KB 49ms
27ms Script
application/javascript 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js
Requested by: Host: nexstar.amp.permutive.com
URL: https://nexstar.amp.permutive.com/amp-iframe.html?project=3a6b0682-f3e1-4576-a706-5eb4101b9cc3&key=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e42abf1d9a5316a864c88a2dd698e068f3cd14f67457a662ec2dc2de0c451e63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://nexstar.amp.permutive.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: br
cf-cache-status: HIT
x-goog-meta-oid: 3a6b0682-f3e1-4576-a706-5eb4101b9cc3
age: 0
x-guploader-uploadid: ADPycdsI_AmDJZXggjd7lQTDXTvANKUJLLFv_CXvr8-OPDAXkqqga8XGYIB_Inawe0zn_nYyb_HLqpDCUfqyRKZHQowrcDJzK590
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
last-modified: Wed, 12 Jul 2023 22:02:52 GMT
server: cloudflare
etag: W/"aafce371ec8cf82dc2e795cbbeffa000"
vary: Accept-Encoding
x-goog-generation: 1689199372538655
content-type: application/javascript
x-goog-hash: crc32c=jfGKIw==, md5=qvzjceyM+C3C55XLvv+gAA==
cache-control: public, max-age=900
x-goog-stored-content-length: 259281
timing-allow-origin: *
cf-ray: 7ec258b09f98433d-EWR
expires: Tue, 25 Jul 2023 06:44:04 GMT

GET
H2 201 track
nexstar.amp.permutive.com/ 35 B
187 B 102ms
101ms Image
image/gif 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexstar.amp.permutive.com/track?k=fc894c11-5ec8-48d7-b952-0a3aefdb3968&i=amp-jCPaO2l6YZJHH0f-Husqsg&it=amp&vid=_6tu4V1WThoJ729B54wVSA&s=_6tu4V1WThoJ729B54wVSA&e=Pageview&_ep_isp_info=%24ip_isp_info&_ep_geo_info=%24ip_geo_info&_ep_client.type=amp&_ep_client.title=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&_ep_client.domain=ktla.com&_ep_client.url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&_ep_client.referrer=&_ep_client.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&_ep_content.pageType=article&_ep_content.authorName=Travis%20Schlepp&_ep_content.providerName=Nexstar&_ep_content.categoryList!list%5Bstring%5D=%22California%2C%20Local%20News%2C%20News%22&_ep_content.primaryCategory=California&_ep_content.wordCount=345&_ep_content.paragraphCount=11&_ep_content.tagList!list%5Bstring%5D=&_ep_content.nlpCategories1=%2FLaw%20%26%20Government%2FPublic%20Safety&_ep_content.nlpCategories2=&_ep_content.nlpCategories3=&_ep_content.nlpConsumerGood=&_ep_content.nlpEvent=downturn&_ep_content.nlpLocation=Jet%20Propulsion%20Laboratory%2CPasadena&_ep_content.nlpOrganization=NASA%2Cbusiness%2Cgovernment%2CCOVID%2Cbusinesses&_ep_content.nlpPerson=Armen%20Hovanesian%2Cemployee%2Cindividuals%2Cbudget-planning%20resource%20analyst%2Cscammers&_ep_page.utmCampaign=&_ep_page.utmMedium=&_ep_page.utmSource=&_ep_content.nlpSentimentScore=-0.3&_ep_content.nlpSentimentMag=5.7
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: image/gif
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 38ms
10ms Image
image/gif 52.1.200.9
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=ktla.com&p=%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&u=amp-IH8IqQ2tE2T2Q1M4jKxBOA&d=ktla.com&g=15066&g0=California&g1=Travis%20Schlepp&g2=&g3=&g4=amp&c=&x=0&m=&y=4217&o=1600&w=1200&j=30&R=1&W=0&I=0&E=0&r=&t=2646amp-IH8IqQ2tE2T2Q1M4jKxBOA&b=260&i=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&T=1690266544732&tz=0&sn=1&C=2&&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.1.200.9 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-1-200-9.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:04 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2

200

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%...
https://sb.scorecardresearch.com/p2?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to...

43 B
300 B

28ms
11ms

Image
image/gif

18.164.96.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&c7=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&c9=&cs_c7amp=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&comscorekw=amp
Protocol: H2
Server: 18.164.96.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-96-18.jfk50.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
content-type: image/gif
content-length: 43
x-amz-cf-id: Gr6vGGZNEx0rWUNys1xMZOOumjAkkmozk4AawWW20p3DBw_pNpvVVA==

Redirect headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 07f7cebee7fc49278f602ad96f5f6790.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: JFK50-P5
x-cache: Miss from cloudfront
location: /p2?c1=2&c2=6036439&cs_ucfr=&cs_amp_consent=&cs_pv=2646&c12=amp-PrPPLQtFh8rksTLu6gea0A&rn=0.1008590229974804&c8=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&c7=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&c9=&cs_c7amp=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&comscorekw=amp
content-length: 0
x-amz-cf-id: OZoP3qW6zIwtmNA704TLOMPTL6fwH0S7hN8wyMmHWlPwZ3_g4HzaXQ==

GET
H2

200

capi
5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com/
Redirect Chain

https://uaid-linkage.imrworldwide.com/cgi-bin/gn?prd=session&c13=asid,P8011D710-FB5F-4467-95AF-25731737F2EF&sessionId=amp-xF7eZTEhJdDp-l11RZ_Icg_2646&pingtype=4&enc=false&c61=createtm,1690266544742...
https://5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com/capi?url=

0
70 B

73ms
9ms

Image
text/plain

18.211.18.109
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com/capi?url=
Protocol: H2
Server: 18.211.18.109 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-18-109.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
content-length: 0
cross-origin-resource-policy: cross-origin

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:05 GMT
strict-transport-security: max-age=31536000
max-age: 0
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
p3p: P3P policyref="http://uaid-linkage.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
location: https://5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com/capi?url=
access-control-allow-origin: *
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 0
expires: 0

GET
H2 200 a
cloudapi.imrworldwide.com/nmapi/v2/8011D710-FB5F-4467-95AF-25731737F2EF/amp-xF7eZTEhJdDp-l11RZ_Icg_2646/ 35 B
427 B 54ms
9ms Image
image/gif 100.24.76.129
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cloudapi.imrworldwide.com/nmapi/v2/8011D710-FB5F-4467-95AF-25731737F2EF/amp-xF7eZTEhJdDp-l11RZ_Icg_2646/a?b=%7B%22devInfo%22%3A%7B%22devId%22%3A%22amp-xF7eZTEhJdDp-l11RZ_Icg_2646%22%2C%22apn%22%3A%22%22%2C%22apv%22%3A%221.0%22%2C%22apid%22%3A%228011D710-FB5F-4467-95AF-25731737F2EF%22%7D%2C%22metadata%22%3A%7B%22static%22%3A%7B%22type%22%3A%22static%22%2C%22section%22%3A%22news%22%2C%22assetid%22%3A%222646%22%2C%22segA%22%3A%22%22%2C%22segB%22%3A%22%22%2C%22segC%22%3A%22Google%20AMP%22%2C%22adModel%22%3A%220%22%2C%22dataSrc%22%3A%22cms%22%7D%2C%22content%22%3A%7B%7D%2C%22ad%22%3A%7B%7D%7D%2C%22event%22%3A%22playhead%22%2C%22position%22%3A%221690266544743%22%2C%22data%22%3A%7B%22hidden%22%3A%220%22%2C%22blur%22%3A%220%22%2C%22position%22%3A%221690266544743%22%7D%2C%22type%22%3A%22static%22%2C%22utc%22%3A%221690266544743%22%2C%22index%22%3A%222%22%2C%22pageURL%22%3A%22https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F%22%7D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.24.76.129 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-100-24-76-129.compute-1.amazonaws.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000
max-age: 0
accept-ch: Sec-Ch-Ua-Model, Sec-Ch-Ua-Platform, Sec-Ch-Ua-Platform-Version
content-type: image/gif
p3p: P3P policyref="http://cloudapi.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-resource-policy: cross-origin
content-length: 35
expires: 0

GET
H3 201 track
nexstar.amp.permutive.com/ 0
14 B 81ms
81ms Image
text/plain 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexstar.amp.permutive.com/track?k=fc894c11-5ec8-48d7-b952-0a3aefdb3968&i=amp-jCPaO2l6YZJHH0f-Husqsg&it=amp&vid=_6tu4V1WThoJ729B54wVSA&s=_6tu4V1WThoJ729B54wVSA&e=PageviewEngagement&_ep_completion=0.25&_ep_client.type=amp&_ep_client.title=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&_ep_client.domain=ktla.com&_ep_client.url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&_ep_client.referrer=&_ep_client.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&_ep_content.pageType=article&_ep_content.authorName=Travis%20Schlepp&_ep_content.providerName=Nexstar&_ep_content.categoryList!list%5Bstring%5D=%22California%2C%20Local%20News%2C%20News%22&_ep_content.primaryCategory=California&_ep_content.wordCount=345&_ep_content.paragraphCount=11&_ep_content.tagList!list%5Bstring%5D=&_ep_content.nlpCategories1=%2FLaw%20%26%20Government%2FPublic%20Safety&_ep_content.nlpCategories2=&_ep_content.nlpCategories3=&_ep_content.nlpConsumerGood=&_ep_content.nlpEvent=downturn&_ep_content.nlpLocation=Jet%20Propulsion%20Laboratory%2CPasadena&_ep_content.nlpOrganization=NASA%2Cbusiness%2Cgovernment%2CCOVID%2Cbusinesses&_ep_content.nlpPerson=Armen%20Hovanesian%2Cemployee%2Cindividuals%2Cbudget-planning%20resource%20analyst%2Cscammers&_ep_page.utmCampaign=&_ep_page.utmMedium=&_ep_page.utmSource=&_ep_content.nlpSentimentScore=-0.3&_ep_content.nlpSentimentMag=5.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 pxid Show response
3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co/v2.0/ Frame 3DD3 12 B
224 B 99ms
80ms XHR
application/json 35.241.9.51
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co/v2.0/pxid?k=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.9.51 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 51.9.241.35.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d

Request headers

Referer: https://nexstar.amp.permutive.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://nexstar.amp.permutive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32

GET
H2 200 getuidj Show response
ib.adnxs.com/ Frame 3DD3 11 B
581 B 17ms
5ms XHR
application/json 68.67.179.87
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/getuidj

Requested by

Host: cdn.permutive.com
URL: https://cdn.permutive.com/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

68.67.179.87 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://nexstar.amp.permutive.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:04 GMT
an-x-request-uuid: e8c14b6e-5432-43f5-bcff-dc54db94bfd3
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://nexstar.amp.permutive.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 5.181.234.134; 5.181.234.134; 585.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 11
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 3a6b0682-f3e1-4576-a706-5eb4101b9cc3-models.bin Show response
cdn.permutive.com/models/v2/ Frame 3DD3 86 KB
59 KB 26ms
16ms XHR
application/x-binary 104.19.149.54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.permutive.com/models/v2/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-models.bin
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.19.149.54 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a084be63d0bb214c1239d602332cfa9c12d7094ee5e35e184f4d93e37d0c07a

Request headers

Referer: https://nexstar.amp.permutive.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: gzip
cf-cache-status: HIT
x-goog-meta-oid: 3a6b0682-f3e1-4576-a706-5eb4101b9cc3
age: 0
x-guploader-uploadid: ADPycdsUY4u_RpGCNoxFzgnbHPL0VDXmoajzrw4D9E5lgo1C7U_oIKXSgJtg4ZP1Xr-hvtCJ9PLnL12oiDjVJrRu7dSgxWnHWAio
x-goog-storage-class: REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
content-length: 60088
last-modified: Tue, 25 Jul 2023 06:02:10 GMT
server: cloudflare
etag: "5f9caf8d8cbd602a389012d7bb8524a1"
vary: Accept-Encoding
x-goog-generation: 1690264930361534
content-type: application/x-binary
access-control-allow-origin: *
x-goog-hash: crc32c=QuQPvQ==, md5=X5yvjYy9YCo4kBLXu4UkoQ==
access-control-expose-headers: Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=900, no-transform
x-goog-stored-content-length: 60088
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ec258b17f6a9e05-EWR
expires: Tue, 25 Jul 2023 06:06:57 GMT

GET
H2 200 geoip Show response
api.permutive.com/v2.0/ Frame 3DD3 283 B
379 B 118ms
79ms XHR
application/json 34.107.254.252
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.permutive.com/v2.0/geoip?include=geo&include=isp&include=ip_hash&k=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Requested by: Host: cdn.permutive.com
URL: https://cdn.permutive.com/3a6b0682-f3e1-4576-a706-5eb4101b9cc3-amp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.254.252 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 252.254.107.34.bc.googleusercontent.com
Software: Permutive /
Resource Hash: 44f8db9dea006b836013439ae18ad01343ca533e1457074d0b6c38dc69e5ceed

Request headers

Referer: https://nexstar.amp.permutive.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
content-type: text/plain

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
content-encoding: gzip
via: 1.1 google
server: Permutive
vary: Origin
content-type: application/json
access-control-allow-origin: https://nexstar.amp.permutive.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 186

GET
BLOB 200
OK 668a75dd-d350-4ca6-9eeb-2d45c134e6e0
https://nexstar.amp.permutive.com/ Frame 3DD3 547 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nexstar.amp.permutive.com/668a75dd-d350-4ca6-9eeb-2d45c134e6e0
Requested by: Host: nexstar.amp.permutive.com
URL: https://nexstar.amp.permutive.com/amp-iframe.html?project=3a6b0682-f3e1-4576-a706-5eb4101b9cc3&key=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 817ba010914030ce923641e0b18060d6cf1da6355d7837cbef1f7b5f9ab70b60

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 559622
Content-Type

GET
BLOB 200
OK dc360701-0491-436f-891c-ec280738ee12
https://nexstar.amp.permutive.com/ Frame 3DD3 547 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://nexstar.amp.permutive.com/dc360701-0491-436f-891c-ec280738ee12
Requested by: Host: nexstar.amp.permutive.com
URL: https://nexstar.amp.permutive.com/amp-iframe.html?project=3a6b0682-f3e1-4576-a706-5eb4101b9cc3&key=fc894c11-5ec8-48d7-b952-0a3aefdb3968
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 817ba010914030ce923641e0b18060d6cf1da6355d7837cbef1f7b5f9ab70b60

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Length: 559622
Content-Type

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 149 KB
42 KB 383ms
365ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia&adk=3826070687&sz=320x50%7C320x50&output=html&impl=ifr&ifi=1&msz=0x-1&psz=0x-1&fws=4&scp=pos%3Dadhesion%26kw%3Dnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%26fold%3Datf%26hlmeta%3Dnasa%2520employee%2520admits%2520to%2520defrauding%2520covid%252019%2520programs%2520to%2520fund%2520illegal%2520weed%2520operation%26pagetype%3Damp%26pgid%3D2489039%26pers_cid%3Dnxstrib-4-article-2489039%26permutive%3D&adf=2336969238&nhd=0&adx=640&ady=1150&oid=2&act=sa&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=146%2C334&ati=2%2C2&ard=nexstar.amp.permutive.com%2Frtc%2Caps&is_amp=3&amp_v=2307052224000&d_imp=1&c=260002646&ga_cid=amp-jCPaO2l6YZJHH0f-Husqsg&ga_hid=2646&dt=1690266544579&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&loc=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&bdt=263&dtd=393&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0412ef2076b179b58e98f706cd96705e144c72900b96988f2841c33f25cfee2e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42603
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CIP298edqYADFf8ciAkdUC4PFA
amp-access-control-allow-source-origin: https://ktla.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 25 Jul 2023 06:29:05 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 150 KB
42 KB 1545ms
1529ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia&adk=3014809764&sz=320x50%7C320x50&output=html&impl=ifr&ifi=2&msz=320x-1&psz=320x-1&fws=4&scp=pos%3Dbillboard1%26kw%3Dnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%26fold%3Datf%26hlmeta%3Dnasa%2520employee%2520admits%2520to%2520defrauding%2520covid%252019%2520programs%2520to%2520fund%2520illegal%2520weed%2520operation%26pagetype%3Damp%26pgid%3D2489039%26pers_cid%3Dnxstrib-4-article-2489039%26permutive%3D&adf=408638189&nhd=0&adx=640&ady=80&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=191%2C390&ati=2%2C2&ard=nexstar.amp.permutive.com%2Frtc%2Caps&is_amp=3&amp_v=2307052224000&d_imp=1&c=260002646&ga_cid=amp-jCPaO2l6YZJHH0f-Husqsg&ga_hid=2646&dt=1690266544534&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&loc=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&bdt=218&dtd=442&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dabecd6b2a4e1aeedaa12cf3fd3a0c74face6777338d09ff23a882d74c9e6be6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42833
x-xss-protection: 0
google-lineitem-id: -1
x-qqid: CKW7wsidqYADFRnZswodDBUBGQ
amp-access-control-allow-source-origin: https://ktla.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
16 KB 1284ms
1275ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia&adk=4238219893&sz=300x250%7C300x250&output=html&impl=ifr&ifi=3&msz=808x-1&psz=808x-1&fws=4&scp=pos%3Dmr1_ab%26kw%3Dnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%26fold%3Datf%26hlmeta%3Dnasa%2520employee%2520admits%2520to%2520defrauding%2520covid%252019%2520programs%2520to%2520fund%2520illegal%2520weed%2520operation%26pagetype%3Damp%26pgid%3D2489039%26pers_cid%3Dnxstrib-4-article-2489039%26permutive%3D&adf=1922710204&nhd=0&adx=650&ady=1413&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=186%2C428&ati=2%2C2&ard=nexstar.amp.permutive.com%2Frtc%2Caps&is_amp=3&amp_v=2307052224000&d_imp=1&c=260002646&ga_cid=amp-jCPaO2l6YZJHH0f-Husqsg&ga_hid=2646&dt=1690266544535&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&loc=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&bdt=219&dtd=447&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e050f7ab773ceaab04e4fbc4fdb10ce2514b39d1a2b006a2f03079941cd4c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16443
x-xss-protection: 0
google-lineitem-id: 6342684383
x-qqid: CPad98edqYADFdHwswod5e8KEw
amp-access-control-allow-source-origin: https://ktla.com
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413368376
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 40 KB
12 KB 955ms
947ms Fetch
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F5678%2Fnx.ktla%2Fnews%2Fcalifornia&adk=1178596660&sz=300x250%7C300x250&output=html&impl=ifr&ifi=4&msz=808x-1&psz=808x-1&fws=4&scp=pos%3Dmr2_ab%26kw%3Dnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%26fold%3Datf%26hlmeta%3Dnasa%2520employee%2520admits%2520to%2520defrauding%2520covid%252019%2520programs%2520to%2520fund%2520illegal%2520weed%2520operation%26pagetype%3Damp%26pgid%3D2489039%26pers_cid%3Dnxstrib-4-article-2489039%26permutive%3D&adf=687366141&nhd=0&adx=650&ady=1963&oid=2&ptt=13&gdfp_req=1&sfv=1-0-37&u_sd=1&artc=186%2C430&ati=2%2C2&ard=nexstar.amp.permutive.com%2Frtc%2Caps&is_amp=3&amp_v=2307052224000&d_imp=1&c=260002646&ga_cid=amp-jCPaO2l6YZJHH0f-Husqsg&ga_hid=2646&dt=1690266544535&biw=1600&bih=1200&u_aw=1600&u_ah=1200&u_cd=24&u_w=1600&u_h=1200&u_tz=0&u_his=2&vis=1&scr_x=0&scr_y=0&bc=7&url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&loc=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&bdt=219&dtd=448&__amp_source_origin=https%3A%2F%2Fktla.com

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d17c2e04908716de74d6e8bd4c4b3957802077a2f9601bee32611280546cae26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
content-encoding: br
x-content-type-options: nosniff
x-ampsafeframeversion: 1-0-40
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
x-ampanalytics: {"url":["https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvxmyKS9zDn_DXzxdEJrGEl6MrnC464YxQqUchDTwQCJ7iUzhB2mEXh4MvpH-WE0SWdjDeRydFpEx1KpaLTuyDfhhZ7KniTxBdWIgAyLbVlaggcBJM34qlEuhgAUN_NO5arBMjiPY2gWg\u0026sai=AMfl-YSNp1nUE5z7j0rQ0HbfBA24ihioEyPFl2F3avTESHnvLdg7Vtunsny6nc4mmSMq8tzS8q1V2Ddb5KEB\u0026sig=Cg0ArKJSzCIi3bTnNh6rEAE\u0026cid=CAQSGwBpAlJWgDI_Bpc9zME8VNeq6tPKzehWpAtOixgB\u0026id=ampim\u0026o=${elementX},${elementY}\u0026d=${elementWidth},${elementHeight}\u0026ss=${screenWidth},${screenHeight}\u0026bs=${viewportWidth},${viewportHeight}\u0026mcvt=${maxContinuousVisibleTime}\u0026mtos=0,0,${maxContinuousVisibleTime},${maxContinuousVisibleTime},${maxContinuousVisibleTime}\u0026tos=0,0,${totalVisibleTime},0,0\u0026tfs=${firstSeenTime}\u0026tls=${lastSeenTime}\u0026g=${minVisiblePercentage}\u0026h=${maxVisiblePercentage}\u0026tt=${totalTime}\u0026r=v\u0026avms=ampa\u0026uap=${uach(platform)}\u0026uapv=${uach(platformVersion)}\u0026uaa=${uach(architecture)}\u0026uam=${uach(model)}\u0026uafv=${uach(uaFullVersion)}\u0026uab=${uach(bitness)}\u0026uafvl=${uach(fullVersionList)}\u0026uaw=${uach(wow64)}\u0026adk=1178596660"],"btrUrl":[]}
x-ampadrender: safeframe
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10498
x-xss-protection: 0
amp-fast-fetch-signature: google:1:TotJaulwWjfi3gr4wwUJfB1kXUganNt92d/p/eUqk9zy9pDWyL3EsaiCSWt4dWzPGtOj7v7bU2tDoU+xj6byUbOrUukIoPyspj4WN7LeEd4dGiGKj3OJuiVxFDy0RC4GDDKxBe2CIaYOSOZyylNq32ETd16dzQ6oSPReKPOhc0r0jH90Sr2/2OvKmLgxqsXKGlw4FHs3zurv4xHlILEe7yLMN7v5inHq1mEHKNWddUfQmaF9KbImnOKJi3Ghp+KOSrhNLzR+US0EOAbA5A1L31whmnBkWqzDpIyIguY82bOryd1lm8Xn2/psWRth7fRjpgibAv99iKBnCP8lMY8RnQ==
google-lineitem-id: -1
x-qqid: CLnEiMidqYADFT4TiAkdFLcNAA
amp-access-control-allow-source-origin: https://ktla.com
server: cafe
google-creative-id: -1
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://ktla.com
access-control-expose-headers: Google-Creative-Id,Google-LineItem-Id,AMP-Access-Control-Allow-Source-Origin,X-AmpAnalytics,X-QQID,amp-ff-sandbox,X-AmpSafeFrameVersion,X-AmpAdRender,x-google-amp-ad-validated-version,AMP-Fast-Fetch-Signature
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
amp-ff-sandbox: true
expires: Tue, 25 Jul 2023 06:29:05 GMT

GET
H2 200 container.html
474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ 0
0 67ms
20ms Other
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by: Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 frame.html Show response
d-3786596282526573553.ampproject.net/2307052224000/ Frame 762A 507 B
278 B 14ms
4ms Document
text/html 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d-3786596282526573553.ampproject.net/2307052224000/frame.html

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037ef0fd4314aa8be67b325bc6e8024b2fba3ebe968282e7df0fc210cc3798e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 215
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 06:29:04 GMT
expires: Wed, 24 Jul 2024 06:29:04 GMT
last-modified: Wed, 12 Jul 2023 18:18:00 GMT
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 frame.html Show response
d-3786596282526573553.ampproject.net/2307052224000/ Frame B0D4 507 B
276 B 13ms
5ms Document
text/html 2607:f8b0:4006:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d-3786596282526573553.ampproject.net/2307052224000/frame.html

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

037ef0fd4314aa8be67b325bc6e8024b2fba3ebe968282e7df0fc210cc3798e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 215
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 06:29:04 GMT
expires: Wed, 24 Jul 2024 06:29:04 GMT
last-modified: Wed, 12 Jul 2023 18:18:00 GMT
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 teads.js Show response
3p.ampproject.net/2307052224000/vendor/ Frame 762A 27 KB
9 KB 4ms
3ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2307052224000/vendor/teads.js

Requested by

Host: d-3786596282526573553.ampproject.net
URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7be40087e4a6c4ccb2ffc814fe83bd24a3e76fa267fb60ec0d8ec317228bb4f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 271055
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 18:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 03:11:30 GMT

GET
H2 200 taboola.js Show response
3p.ampproject.net/2307052224000/vendor/ Frame B0D4 27 KB
9 KB 3ms
3ms Script
text/javascript 2607:f8b0:4006:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3p.ampproject.net/2307052224000/vendor/taboola.js

Requested by

Host: d-3786596282526573553.ampproject.net
URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3693c4f22cf371a66d7a0934dc60c49866b423a99130387ab07807c90ce41bba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 19:01:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 214032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8886
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 19:01:53 GMT

GET
H2 200 tag Show response
a.teads.tv/page/135455/ Frame 762A 386 B
614 B 200ms
200ms Script
application/javascript 173.223.57.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/135455/tag
Requested by: Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2307052224000/vendor/teads.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9ca52c50c0fc668c4cea3b3c14749411f1dcb3a4b0feac1ed9b20c7b231964ee

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate, max-age=3600
access-control-allow-credentials: true
content-length: 282
expires: Tue, 25 Jul 2023 07:29:05 GMT

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/nexstar-network/ Frame B0D4 188 KB
45 KB 40ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/nexstar-network/loader.js
Requested by: Host: 3p.ampproject.net
URL: https://3p.ampproject.net/2307052224000/vendor/taboola.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e015e222890d6e392101d338d689853c302c2fd59fe35966f9ed17af10f489bb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: IkSwoujybKnfTtg0UNEl3LQ4f3vLiQ1z
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Jul 2023 06:29:05 GMT
x-amz-request-id: 9142S97ARA54HH0S
age: 2590
x-amz-server-side-encryption: AES256
x-cache: HIT
x-from-cache: 1
x-envoy-upstream-service-time: 6
x-amz-replication-status: FAILED
content-length: 45946
x-amz-id-2: p89Ip6sPjZfuWelsIJaKoHEs/oysbmmxvyvQsDGDTfu7wWus6CHjGTouLUKq3NENb5vrD+qZyXk=
x-served-by: cache-lga21926-LGA
last-modified: Mon, 24 Jul 2023 19:44:58 UTC
server: nginx
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690266546.616928,VS0,VE6
etag: "fe3c1b4dad389117a2f0e18e1194142bc67224d5"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
abp: 9
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 tr5
cdn.taboola.com/libtrc/ Frame B0D4 3 B
79 B 3ms
3ms Image
text/html 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/tr5?abgroup=google-vigentte-opportunity_var
Requested by: Host: d-3786596282526573553.ampproject.net
URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: cache-lga21926-LGA
date: Tue, 25 Jul 2023 06:29:05 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1690266546.636562,VS0,VE0
x-cache: HIT
content-type: text/html
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
content-length: 3
retry-after: 0
x-cache-hits: 0

GET
H2 200 impl.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.js Show response
cdn.taboola.com/libtrc/ Frame B0D4 788 KB
163 KB 5ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nexstar-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 4a7746d4b5f8bb89b2ae9d3dba3cbd141b8234465f8c88f0ddf66b6650ad3c08

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: OuziS4saZyv40v8RS2dsUh54QvVvas_T
content-encoding: br
via: 1.1 varnish
date: Tue, 25 Jul 2023 06:29:05 GMT
x-amz-request-id: R6ACDHFQZQDS83X8
age: 27192
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 166711
x-amz-id-2: 0JJyt29WZJG4f0KUWmy5Gb9tD/ezafhGf0T/sE4wGpv0rhfAGYiAS5asGuCqWWZTxU9JOB2i278=
x-served-by: cache-lga21926-LGA
last-modified: Thu, 20 Jul 2023 06:50:13 GMT
server: AmazonS3-br
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690266546.644410,VS0,VE1
etag: "edccc875adc2e7bebf8fa25195d278c3"
vary: Accept-Encoding
content-type: application/javascript
abp: 97
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 sync Show response
gum.criteo.com/ Frame B0D4 46 B
288 B 29ms
9ms Script
text/javascript 2620:100:a001::c
AS-CRITEO

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),

Reverse DNS

Software

Kestrel /

Resource Hash

189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:04 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 404697
expires: 60

GET
H2 200 json Show response
trc.taboola.com/nexstar-ktla/trc/3/ Frame B0D4 16 KB
6 KB 428ms
407ms XHR
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nexstar-ktla/trc/3/json?tim=06%3A29%3A05.731&lti=google-vigentte-opportunity_var&data=%7B%22id%22%3A590%2C%22ii%22%3A%22%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1690209731985%2C%22vi%22%3A1690266545727%2C%22cv%22%3A%2220230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F%22%2C%22bv%22%3A%221%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12397%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F%22%2C%22vpi%22%3A%22%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1600%2C%22dw%22%3A1600%2C%22dh%22%3A1600%2C%22nsid%22%3A%22nexstar-network%22%2C%22ad%22%3A%7B%22sdkd%22%3A%7B%22os%22%3A%22AMP%22%2C%22osv%22%3A%221%22%2C%22sdkt%22%3A%22Taboola%20AMP%20Driver%22%2C%22sdkv%22%3A%221%22%7D%7D%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dnexstar-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%20AMP%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%20AMP%22%2C%22cd%22%3A0%2C%22mw%22%3A1600%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2CBelow%20Article%20Thumbnails%20AMP%3Dthumbnails-a%3Apub%3Dnexstar-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22google-vigentte-opportunity_var%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 54777297dedac74ef851b30da601cbc4039c938d776e4ea0f00d05980af761d7

Request headers

Referer: https://d-3786596282526573553.ampproject.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 403
date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-fastly-to-nlb-rtt: 21510
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lga21926-LGA
server: nginx
x-timer: S1690266546.754585,VS0,VE403
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://d-3786596282526573553.ampproject.net
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 teads-format.min.js Show response
a.teads.tv/media/format/v3/ Frame 762A 599 KB
131 KB 7ms
6ms Script
text/javascript 173.223.57.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/page/135455/tag
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d4d6a95e8dd6252c30717fa715d5007ea4c15aa078b6eea84fd74eb8ea5f3310

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
content-encoding: br
last-modified: Fri, 21 Jul 2023 09:08:01 GMT
x-amz-request-id: 1ZVPBMFFK4ADZCCR
etag: "3d22c2849c50b446789dabd396cb91fc"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: private, must-revalidate, max-age=1800, no-transform
x-bucket: 5
accept-ranges: bytes
content-length: 133767
x-amz-id-2: zLiWRM+h+SBvezpEdEWeazlUbdpdOMZBgLPIuXUIZwQN0IjQID21832rN880gQ5PFsL/NieMssg=
expires: Tue, 25 Jul 2023 06:59:05 GMT

GET
H2 200 track
t.teads.tv/ Frame 762A 23 B
104 B 58ms
21ms Image
image/gif 23.199.49.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=placementCall&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&pageId=135455&pid=148656&debug_metadata=GIboSuSjq3&fv=1223&ts=1690266545856&f=1&referer=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F
Requested by: Host: d-3786596282526573553.ampproject.net
URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:05 GMT
cache-control: private, max-age=3666
content-length: 23
content-type: image/gif

GET
H2 200 track
t.teads.tv/ Frame 762A 23 B
134 B 58ms
21ms Image
image/gif 23.199.49.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=slotAvailable&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&pageId=135455&pid=148656&slot=native&fv=1223&ts=1690266545863&f=1&referer=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F
Requested by: Host: d-3786596282526573553.ampproject.net
URL: https://d-3786596282526573553.ampproject.net/2307052224000/frame.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 25 Jul 2023 06:29:05 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

POST
H2 200 ad Show response
a.teads.tv/page/135455/ Frame 762A 556 B
861 B 219ms
218ms XHR
application/json 173.223.57.118
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/page/135455/ad?windowWidth=808&windowHeight=3&windowDepth=1&windowReferrerUrl=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&formatVersion=1223&env=js-amp&netBw=10&ttfb=4
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.118 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-118.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 40eb66503bd43a0d8f708d53ceb4d192c8f29c8351ebef1d492ad8f831fea511

Request headers

Accept: application/json; charset=UTF-8
Referer: https://d-3786596282526573553.ampproject.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://d-3786596282526573553.ampproject.net
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 391
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H3 200 amp-ad-exit-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 19 KB
7 KB 12ms
11ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-exit-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b4c69f19139e33465fa431faa4b2279fbe824ad4c2034cb1a2c9fbf109ec6a1

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 23:18:59 GMT
age: 285006
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6631
x-xss-protection: 0
server: sffe
etag: "44c26bb4e43d7b8c"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jul 2024 23:18:59 GMT

GET
H3 200 amp-fit-text-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 7 KB
2 KB 22ms
22ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-fit-text-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa86df1d4cf007753ba47f56c8e26305ea29bc3898c97ba6c433b85a3f33ba64

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 21 Jul 2023 19:25:12 GMT
age: 299033
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2508
x-xss-protection: 0
server: sffe
etag: "6ca9e96e41871d01"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sat, 20 Jul 2024 19:25:12 GMT

GET
H3 200 amp-form-0.1.js Show response
cdn.ampproject.org/rtv/012307052224000/v0/ 49 KB
15 KB 31ms
30ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012307052224000/v0/amp-form-0.1.js

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4098b51f0f26740421fb034a87afbad74205a1969703b3be9908962067187bf9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Origin: https://ktla.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 22 Jul 2023 13:44:06 GMT
age: 233099
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14980
x-xss-protection: 0
server: sffe
etag: "c15df7f2cdb55579"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Sun, 21 Jul 2024 13:44:06 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
1 KB 92ms
19ms Other
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 06:27:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
DATA 200
OK truncated
/ Frame 11CD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 00ac66c3c07aa0dec44496dddeb2e4c2238be13dd36bb152a22b4a55a9867eed

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 iframe Show response
sync.teads.tv/ Frame 3A99 2 KB
1 KB 193ms
53ms Document
text/html 23.201.24.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Requested by: Host: a.teads.tv
URL: https://a.teads.tv/media/format/v3/teads-format.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.201.24.168 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-24-168.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 14e37dece6eba256348b4edd9f3eddce0eec7e3681e48ba721701181c2127f6e

Request headers

Referer: https://d-3786596282526573553.ampproject.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 740
content-type: text/html; charset=UTF-8
date: Tue, 25 Jul 2023 06:29:06 GMT
expires: Tue, 25 Jul 2023 06:29:06 GMT
pragma: no-cache
server: akka-http/10.2.10
vary: Accept-Encoding

GET
H2 200 track
t.teads.tv/ Frame 762A 23 B
134 B 19ms
19ms Image
image/gif 23.199.49.95
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.teads.tv/track?action=adCall&pid=148656&pageId=135455&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&env=js-amp&gtc=1&gdpr_apply=false&gdpr_status=25&gdpr_reason=250&gac=1&gap=1&ca=false&bsg=unsafe&bsias=unsafe&rpm_reason=2&ut=1&p=FufjCRomKisYPfpICPTOwahVEScX4GNFHt8vTr-CR_JbHg&cts=1690266546071&cs=-118130706377557292905&fv=1223&ts=1690266546114&referer=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2Famp%2F
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.199.49.95 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-199-49-95.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Sat, 26 Jul 1997 05:00:00 GMT
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 23
content-type: image/gif

GET
H2 200 userx.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.es6.js Show response
cdn.taboola.com/libtrc/ Frame B0D4 18 KB
6 KB 10ms
4ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nexstar-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f26fdcb17f393c3089e111ad89932f60c188e2c1d6f7e4ec87bf00debe5fc009

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: cT2sG9P0LJubr02IYhrTJ2QY9QtWs_yB
content-encoding: gzip
via: 1.1 varnish
date: Tue, 25 Jul 2023 06:29:06 GMT
x-amz-request-id: 1E51ZZMMKDAKEDBQ
age: 6
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 5464
x-amz-id-2: sV9S4eNCSfe4qrnFFSm5ZdM1lGVRkVZsYitRgFzyHf+kot24DdFiaedUrYdPwYuV+x1/ePHaKlE=
x-served-by: cache-lga21926-LGA
last-modified: Thu, 20 Jul 2023 06:50:47 GMT
server: AmazonS3
x-tbl-debug: bestatus=200,beresp=OK
x-timer: S1690266546.197749,VS0,VE1
etag: "671ff97eda8a78517ea27eeab3f4b03a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 31
access-control-allow-origin: *
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 abtests
ch-trc-events.taboola.com/nexstar-ktla/log/3/ Frame B0D4 0
363 B 82ms
21ms Image
text/plain 141.226.124.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ch-trc-events.taboola.com/nexstar-ktla/log/3/abtests?route=US:CH:V&lti=google-vigentte-opportunity_var&ri=757b0f0282d52014996c94013ea94dfd&sd=v2_effc89ebc0a7c6b7c03c500489eb1192_dec1eddc-3f39-4f46-8701-567fe1f04138-tuctbb8f131_1690266545_1690266545_CNawjgYQ-NxeGL_c8t2YMSABKAEw4QE4kaQOQKm8DkjNy9sDUJUEWABgAGjVmdKK47T5ueQBcAE&ui=dec1eddc-3f39-4f46-8701-567fe1f04138-tuctbb8f131&pi=/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation&wi=209628867959220184&pt=text&vi=1690266545727&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1690266546176%7D&tim=06%3A29%3A06.176&id=2964&llvl=2&cv=20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.124.48 Chicago, United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 container.html Show response
474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 04A3 6 KB
3 KB 20ms
18ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 06:29:06 GMT
expires: Wed, 24 Jul 2024 06:29:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 04A3 3 KB
1 KB 20ms
4ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 16:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:19:17 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 04A3 179 KB
57 KB 68ms
33ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2 200 16746813733318065263
tpc.googlesyndication.com/simgad/ Frame 04A3 34 KB
35 KB 20ms
5ms Image
image/jpeg 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16746813733318065263

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fad234975a198a280549aeeb4dd5067fcaa6b7c8abce5aabdbada01d44d1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 04:00:07 GMT
x-content-type-options: nosniff
age: 440939
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35011
x-xss-protection: 0
last-modified: Thu, 01 Sep 2022 13:31:32 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jul 2024 04:00:07 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04A3 0
438 B 26ms
22ms Image
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssZCOKv_PQqbT66VOd5T1s6dTK-TzPYIIIK2Ec6-I4i074PCpGTiLLqn3YFyeln0ujwrO66sn0j7foUbwWUjUY3yq7325rq4IC7hO9NpfvoJOnS79sFmch5BTacpBjgQeqORKq1yxx66iBNs-uj04iQchwduzKU45xjg7E42iAIT5rKxHcNVnCeJ81GI4gjt8uxopKfHfRQGrDOvfJFbnsUFDiCbjTYOqconMWuQiqfpyFpRCP45kay0alXMzT5VUbjsMEZD5BqVQIBUNAlktYJ1yg_EEy2yXyjiUEgCsa3Q9f4UXYg0ZfjS-Fty0e57Q5RMWo&sai=AMfl-YTsoxtu2yxtUWgpfnVTA9Y264SfaRGnPEHKWy9y8slvpUw4ctkfiW3CEojwhLFoXYYx7bzLEi4CenINLKk&sig=Cg0ArKJSzI2aWFpihJ3IEAE&uach_m=[UACH]&adurl=

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 3A99
Redirect Chain

https://sync.teads.tv/um?eid=3&fp=1&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D&gdpr=0&gdpr_co...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1

170 B
409 B

49ms
22ms

Image
image/png

142.250.72.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1

Requested by

Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109

Protocol

Server

142.250.72.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s32-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1
cache-control: max-age=0, no-cache, no-store
content-length: 189
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3A99
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1690266546298
https://match.adsrvr.org/track/cmb/generic?ttd_pid=teads&ttd_tpi=1&gdpr=0&gdpr_consent=&_t=1690266546298
https://sync.teads.tv/um?eid=22&uid=0a438c29-0da2-460a-80f0-898143f551c4&gdpr=0&gdpr_consent=

23 B
163 B

50ms
49ms

Image
image/gif

23.201.24.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=22&uid=0a438c29-0da2-460a-80f0-898143f551c4&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 23.201.24.168 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-24-168.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Tue, 25 Jul 2023 06:29:06 GMT
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://sync.teads.tv/um?eid=22&uid=0a438c29-0da2-460a-80f0-898143f551c4&gdpr=0&gdpr_consent=
content-type: text/html
cache-control: private,no-cache, must-revalidate
content-length: 217

GET
H2

200

um
sync.teads.tv/ Frame 3A99
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=79&p=145&cp=teads&cu=1&url=https%3A%2F%2Fsync.teads.tv%2Fum%3Ffp%3D1%26eid%3D80%26uid%3D%40%40CRITEO_USERID%40%40&gdpr=0&gdpr_consent=&_t=1690266546298
https://sync.teads.tv/um?fp=1&eid=80&uid=745e32ad-29c8-474d-a43b-443d2f2e89ab&gdpr=0&gdpr_consent=

23 B
163 B

55ms
55ms

Image
image/gif

23.201.24.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?fp=1&eid=80&uid=745e32ad-29c8-474d-a43b-443d2f2e89ab&gdpr=0&gdpr_consent=
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 23.201.24.168 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-24-168.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Tue, 25 Jul 2023 06:29:06 GMT
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:05 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://sync.teads.tv/um?fp=1&eid=80&uid=745e32ad-29c8-474d-a43b-443d2f2e89ab&gdpr=0&gdpr_consent=
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1727569
content-length: 0
expires: Tue, 25 Jul 2023 00:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 3A99
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/teads/cd3c203d-602f-4257-92c8-49a7fceca255?gdpr=0&gdpr_consent=&_t=1690266546298
https://sync.teads.tv/um?eid=132&uid=y-V9C095JE2oSOuX0hlF_UuYg8Ebyxz4Ez33o-~A

23 B
163 B

51ms
50ms

Image
image/gif

23.201.24.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=132&uid=y-V9C095JE2oSOuX0hlF_UuYg8Ebyxz4Ez33o-~A
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 23.201.24.168 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-24-168.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Tue, 25 Jul 2023 06:29:06 GMT
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

date: Tue, 25 Jul 2023 06:29:06 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://sync.teads.tv/um?eid=132&uid=y-V9C095JE2oSOuX0hlF_UuYg8Ebyxz4Ez33o-~A
content-length: 0

GET
H2

200

pixel.gif
load77.exelator.com/ Frame 3A99
Redirect Chain

https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=cd3c203d-602f-4257-92c8-49a7fceca255_us_us&gdpr_consent=&_t=1690266546298
https://loadm.exelator.com/load/?p=204&g=810&j=0&buid=cd3c203d-602f-4257-92c8-49a7fceca255_us_us&gdpr_consent=&_t=1690266546298&xl8blockcheck=1
https://load77.exelator.com/pixel.gif

43 B
366 B

48ms
4ms

Image
image/gif

2a02:6ea0:c400::11
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://load77.exelator.com/pixel.gif
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 2a02:6ea0:c400::11 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Tue, 25 Jul 2023 06:29:06 GMT
x-cache: HIT
x-77-cache: HIT
x-age: 602249
x-accel-date: 1689664297
content-length: 43
x-77-nzt: AZySJBYJZD//iTAJAA
x-accel-expires: @1690701097
last-modified: Wed, 25 Oct 2017 17:03:56 GMT
server: CDN77-Turbo
etag: "59f0c3fc-2b"
x-77-nzt-ray: 1e192d085a750f46b26bbf64b3c5821a
content-type: image/gif
access-control-allow-origin: *
accept-ranges: bytes

Redirect headers

date: Tue, 25 Jul 2023 06:29:06 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://load77.exelator.com/pixel.gif
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 44858
tags.bluekai.com/site/ Frame 3A99 62 B
498 B 536ms
509ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/44858?id=cd3c203d-602f-4257-92c8-49a7fceca255_us_us&limit=1&gdpr_consent=&_t=1690266546298
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 25 Jul 2023 06:29:06 GMT
content-length: 62
content-type: image/gif

GET
H2 400 474599.gif
idsync.rlcdn.com/ Frame 3A99 0
0 57ms
32ms Image
text/plain 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/474599.gif?partner_uid=cd3c203d-602f-4257-92c8-49a7fceca255_us&cv=&_t=1690266546298
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 3A99 43 B
656 B 39ms
14ms Image
image/gif 13.225.214.50
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212301178&puid=cd3c203d-602f-4257-92c8-49a7fceca255_us&_tid=cd3c203d-602f-4257-92c8-49a7fceca255&gdpr_consent=&_t=1690266546298
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.214.50 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-214-50.ewr50.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
via: 1.1 c5e0ddd115d9893ade353cf085d11dba.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: EWR50-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: Ph1nfwLgKgXtJb-jrRq2okKF4wngG7abJ9Pc37PfBgueo67uattKYQ==
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3A99 0
338 B 51ms
9ms Image
text/plain 52.71.200.83
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=teadspartner&partner_uid=cd3c203d-602f-4257-92c8-49a7fceca255_us&gdpr_consent=&_t=1690266546298
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.200.83 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-200-83.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: beacon-n004-ash-prod.krxd.net
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1690266546
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

usersync
sync.springserve.com/ Frame 3A99
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=1&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fsync.springserve.com%2Fusersync%3Faid%3D1000024%26uuid%3D%5BVID%5D&gdpr=0&gdpr_consent...
https://sync.springserve.com/usersync?aid=1000024&uuid=cd3c203d-602f-4257-92c8-49a7fceca255

43 B
206 B

52ms
9ms

Image
image/gif

34.193.236.118
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.springserve.com/usersync?aid=1000024&uuid=cd3c203d-602f-4257-92c8-49a7fceca255
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 34.193.236.118 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-193-236-118.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 06:29:06 GMT
access-control-allow-credentials: true
server: nginx
content-length: 43
access-control-allow-methods: GET, OPTIONS
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
server: akka-http/10.2.10
content-type: text/html; charset=UTF-8
location: https://sync.springserve.com/usersync?aid=1000024&uuid=cd3c203d-602f-4257-92c8-49a7fceca255
cache-control: max-age=0, no-cache, no-store
content-length: 164
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2

200

report
sync.teads.tv/um/ Frame 3A99
Redirect Chain

https://sync.teads.tv/um?fp=1&ssb_provider_id=3&google_nid=teadstv_ab&uid=&vid=cd3c203d-602f-4257-92c8-49a7fceca255&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=Y2QzYzIwM2QtNjAyZi00MjU3LTkyYzgtNDlhN2ZjZWNhMjU1
https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1

23 B
163 B

50ms
50ms

Image
image/gif

23.201.24.168
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
Requested by: Host: sync.teads.tv
URL: https://sync.teads.tv/iframe?pid=148656&gdprIab={%22reason%22:250,%22status%22:25,%22consent%22:%22%22,%22apiVersion%22:null,%22cmpId%22:null}&fromFormat=true&env=js-amp&auctid=f32108e5-1d16-4c36-9116-be41df2f4e32&vid=cd3c203d-602f-4257-92c8-49a7fceca255&1690266546109
Protocol: H2
Server: 23.201.24.168 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-201-24-168.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://sync.teads.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Tue, 25 Jul 2023 06:29:06 GMT
pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?ssb_provider_id=3&google_nid=teadstv_ab&fp=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 04A3 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a6e3c8497dc1fcc4c3318ee1c6fcd88cbaa89c76fad2a3ddcdadfeb46a9dac1

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 04A3 0
0 33ms
22ms Fetch
image/gif 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssN16Zd-wZIHN3vi5YaCcZsfRxko7-slFU8b5fYSxmT4uRC8bK0edgNmRroa0me2KVjlAn9MIDJhzLquo9K7S_rGnZHgdcJwoLME9xgtJbdbq0Dqe2IonZF6hghborJtjmdrWx6bg7okoTe-hGuC2Vio-E8BASuMZKdcRz9u5INJBotGM3_uBuCsZlfYZ-r7Vqm5j8Beg4iyPod0SAnsspxCuGOD2Y8QWtIEpv_KQY9L_YlSVqq--BdGRcBaVhfDIRP5pm0nuSt5oSXG_-eknjmWqHFonHvAHqqWAmIDtoOwT5bn4EtRYVmViLjodoA6KRocq0G9g&sai=AMfl-YRkG-zb4UFTVskUeqc2F2iiuKZXCD59BSVuLIhwYCeh1ogaPhyeJ8xiQ42-l8gGDAGKOGaUOEaQ63o9EsY&sig=Cg0ArKJSzH85x0c1bS5PEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2 200 bob_006.gif
bob.dmpxs.com/ Frame 04A3 35 B
255 B 67ms
10ms Image
image/gif 100.24.249.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bob.dmpxs.com/bob_006.gif?dfpid=5678&c_orderid=2971101524&c_lineid=6342684383&c_adunit=21932450433&c_adunithigh=21894867005&c_bannerid=138413368376&c_adsize=300x250&dcode=&imp_hash=&persistent_id=nxstrib-4-article-2489039&page_url=https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/&cb_hash=1690266546479-4801058774
Requested by: Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 100.24.249.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-100-24-249-94.compute-1.amazonaws.com
Software: / Express
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
x-powered-by: Express

GET
H3 200 container.html Show response
474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 127A 6 KB
3 KB 5ms
4ms Document
text/html 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/v0/amp-ad-0.1.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ktla.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 06:29:06 GMT
expires: Wed, 24 Jul 2024 06:29:06 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 127A 14 KB
1 KB 21ms
20ms Stylesheet
text/css 2607:f8b0:4006:80d::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80d::200a Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 06:23:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 127A 2 KB
892 B 7ms
6ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 17:22:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47182
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 17:22:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/ Frame 127A 23 KB
9 KB 7ms
6ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/abg_lite_fy2021.js

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 16:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9071
x-xss-protection: 0
server: cafe
etag: 4587423269125806604
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:19:17 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 127A 3 KB
1 KB 7ms
7ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 16:19:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:19:17 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame 127A 20 KB
8 KB 8ms
7ms Script
text/javascript 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 16:19:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50995
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8309
x-xss-protection: 0
server: cafe
etag: 1379281626718990200
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 16:19:11 GMT

GET
H3 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 127A 225 B
249 B 8ms
7ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 08:26:51 GMT
x-content-type-options: nosniff
server: cafe
age: 79335
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Tue, 25 Jul 2023 08:26:51 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 127A 179 KB
56 KB 31ms
21ms Script
text/javascript 2607:f8b0:4006:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 06:29:06 GMT

GET
H2 200 39d4397462e2693449f221f9915f9e59.js Show response
www.gstatic.com/mysidia/ Frame 127A 33 KB
14 KB 24ms
4ms Script
text/javascript 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39d4397462e2693449f221f9915f9e59.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 20:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14179
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 20:41:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 22 Oct 2023 20:25:55 GMT

GET
H3 200 16738058743478341264
tpc.googlesyndication.com/simgad/ Frame 127A 2 KB
2 KB 11ms
4ms Image
image/png 2607:f8b0:4006:816::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16738058743478341264?w=100&h=100&tw=1&q=75

Requested by

Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:816::2001 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0314c69e4c651acdc1d9234a1f203c43f15e650f6625d53729e397b74f8a911e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 22:28:15 GMT
x-content-type-options: nosniff
age: 288051
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2166
x-xss-protection: 0
last-modified: Wed, 01 Mar 2023 20:46:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 20 Jul 2024 22:28:15 GMT

GET
DATA 200
OK truncated
/ Frame 127A 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 127A 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 127A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6989df08ea454d239d1995075c11729e6b506375b3e71e803d9e86c99be1551

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 127A 0
0 29ms
28ms Image
text/html 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CzeuAsmu_ZKWaD5myzwWMqoTIAaj3sbJwyKSgkIsRqtu_oNQBEAEgx5jNV2ChAqABi9zAywLIAQngAgCoAwHIA9sEqgTvAk_QTqe5IT5vT561Ef9b-mLVabYvhFu-47-3CniqhM1T07tAj-yU2UwD72QGQY5Y93_SsStgItxv3e1Mk1Jws-Z_iYUlVA3HBlclnAbjbLEphaJtMchznVCuD9Fs6ACFnhBbQUChHpf8snhxcQ5vuIo2RomA0cr0zn53aV2kWmD4b9FPCusZP9UHeyInxeUn92hqGZTIVrewArCUmt2SBllMb5P3p3jXHQ8E04axNsrieC11LddsA4a_7h0cxZeYrdM3esfOkJ69GSOfjwOh-3TKeybg-5JRz--b49zBb-zWzhlQrKpOjXVlxhyV_WegveExHHGTb-z8XcbdPE5e9A9MN32uBXW6bjScy2-y3Ic9U4Fkcz4S9PfZgkmdismfsEHEtf5-4hyMLQ9dbROjEdHP7dHrWceu-npHgyDpZeVQbXIajZnkQtuwRvKHpxZc21jZhr3TAX9UnzRmSkxu2vDgTGbm0BOresQoorebrADABO-Ti92nBOAEAZIFBAgEGAGSBQQIBRgEoAYugAf2h5AnqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ8C7SCBQIgGEQARgdMgKKAjoCgEBIvf3BOoAKA8gLAZgM8Y-Z4qcEuBODBNgTDtAVAYAXAbIXHgocCAASFHB1Yi00NDExNjc1OTYwODkxNTYxGMavEw&sigh=SsKSvEWOW8o&uach_m=[UACH]&cid=CAQSGwBpAlJWsP-PJaJvVB5i84yksgD-L7ZY39VpmBgB&template_id=515&cbvp=2&vis=1
Requested by: Host: 474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
URL: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:820::2002 Stony Point, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 127A 33 KB
34 KB 23ms
5ms Font
font/woff2 2607:f8b0:4006:81f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2003 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:45:59 GMT
x-content-type-options: nosniff
age: 351787
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 20 Jul 2024 04:45:59 GMT

GET
H2 200 jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js Show response
pagead2.googlesyndication.com/bg/ Frame 50BC 37 KB
15 KB 37ms
7ms Script
text/javascript 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/jSb6HqOEQjzv91X74bVaduN6Su8C1pNfo89i8sAbrkg.js

Requested by

Host: ktla.com
URL: https://ktla.com/news/california/nasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation/amp/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 02:44:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99855
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14598
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 02:44:51 GMT

GET
H2 200 fbf6cfa7a94e79b836ff829409ec604c.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 23 KB
24 KB 6ms
4ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbf6cfa7a94e79b836ff829409ec604c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf0e5c07efb096d022318ee0ce8a34c01fb0f491f737eb41557121d759b0c010

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbf6cfa7a94e79b836ff829409ec604c.png
age: 857706
edge-cache-tag: 563423710147843622780524711784830886326,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 563423710147843622780524711784830886326,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 178
req-referer: https://www.wunderground.com/
content-length: 23214
x-request-id: 35952ef11cf78e94b923c6395a92dc36
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kiad7000136-IAD, cache-chi-klot8100142-CHI, cache-iad-kjyo7100038-IAD, cache-lga21926-LGA
last-modified: Wed, 12 Jul 2023 19:44:21 GMT
server: nginx
x-timer: S1690266547.195398,VS0,VE1
etag: "1525c3af4e9aeb586a295729055caab2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 22, 1

GET
H2 200 cb2bbbae250e087d7fab93c37fc7faff.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 36 KB
36 KB 6ms
5ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2bbbae250e087d7fab93c37fc7faff.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4c1f73001e11af5c6fa8d8cdd3f5f383e9bdd45f4c6cde223ee3507a0b547cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2bbbae250e087d7fab93c37fc7faff.jpg
age: 1195427
edge-cache-tag: 332513200906919717486775217017304432928,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 332513200906919717486775217017304432928,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 252
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 36452
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200047-IAD, cache-iad-kiad7000168-IAD, cache-sna10729-LGB, cache-iad-kcgs7200134-IAD, cache-lga21926-LGA
last-modified: Thu, 15 Jun 2023 13:54:41 GMT
server: nginx
x-timer: S1690266547.195413,VS0,VE1
etag: "370f8f89683610b3f5491a6df920d008"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 146, 1

GET
H2 200 54c0170007e079951b9f66d84c079ac8.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 30 KB
31 KB 6ms
6ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54c0170007e079951b9f66d84c079ac8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5172cc3f70bf0421a1b083941bdc7cb790dda2fa3434e62d155093f95efdd5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54c0170007e079951b9f66d84c079ac8.jpg
age: 4020685
edge-cache-tag: 489363724588034879350832503657521031558,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 489363724588034879350832503657521031558,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 276
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 30436
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kcgs7200082-IAD, cache-sna10741-LGB, cache-iad-kcgs7200078-IAD, cache-lga21926-LGA
last-modified: Thu, 11 May 2023 19:32:33 GMT
server: nginx
x-timer: S1690266547.195597,VS0,VE1
etag: "ec7510b7fccb7d76e2710cc573cb28fa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 386, 1

GET
H2 200 173842f9cd2a9bf41e435a724c10b792.jpeg
images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_637,y_366/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 61 KB
62 KB 7ms
7ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_637,y_366/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c556174531444778363fb59c56f47515d913bf4f6d206366776f80922147627

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 3
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_637,y_366/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
age: 2996103
edge-cache-tag: 420982242347283116989711341843836928198,610228076642905867087348058792953554915,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420982242347283116989711341843836928198,610228076642905867087348058792953554915,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 275
expiration: expiry-date="Sat, 08 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 62352
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100096-IAD, cache-sna10745-LGB, cache-iad-kjyo7100120-IAD, cache-lga21926-LGA
last-modified: Wed, 07 Jun 2023 20:44:56 GMT
server: nginx
x-timer: S1690266547.197545,VS0,VE3
etag: "c63db79f8f37106b975f4db94178b703"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 80, 1

GET
H2 200 eb891789c5b3832e450e56fb99014cbc.jpeg
images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_643,y_347/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 48 KB
49 KB 6ms
5ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_643,y_347/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb891789c5b3832e450e56fb99014cbc.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160831a70c1ab2c23b5ec0277c44451aff1c8f07f3d15a6c05b7b96e30cc0e9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_643,y_347/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb891789c5b3832e450e56fb99014cbc.jpeg
age: 4047571
edge-cache-tag: 576823364446798118423071175955765086187,619049618640794777854886532876995114701,29ecf9b93bbf306179626feeda1fab70
cache-tag: 576823364446798118423071175955765086187,619049618640794777854886532876995114701,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 183
expiration: expiry-date="Fri, 23 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 49146
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200085-IAD, cache-chi-klot8100104-CHI, cache-iad-kcgs7200175-IAD, cache-lga21926-LGA
last-modified: Tue, 23 May 2023 04:01:18 GMT
server: nginx
x-timer: S1690266547.198476,VS0,VE2
etag: "13c8cdde144675dc4983f8fd2c9f0a22"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 3268, 1

GET
H2 200 9c808e68d62fbd57648df4b1955ee373.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 19 KB
19 KB 7ms
4ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c808e68d62fbd57648df4b1955ee373.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88d4c12293f6937d07ec5c3e3cf48cb793ef59f4233bc43adbe71cb6b0aa77b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c808e68d62fbd57648df4b1955ee373.jpg
age: 1862047
edge-cache-tag: 297392513620392391292804494349902584102,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 297392513620392391292804494349902584102,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
expiration: expiry-date="Fri, 21 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://footballitarin.com/
content-length: 19244
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kjyo7100136-IAD, cache-lga21980-LGA, cache-iad-kjyo7100036-IAD, cache-lga21926-LGA
last-modified: Tue, 20 Jun 2023 05:20:42 GMT
server: nginx
x-timer: S1690266547.201297,VS0,VE1
etag: "56e2ae1658dd4967bb5edff2756fcf20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 6516, 1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbf6cfa7a94e79b836ff829409ec604c.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: bf0e5c07efb096d022318ee0ce8a34c01fb0f491f737eb41557121d759b0c010

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/fbf6cfa7a94e79b836ff829409ec604c.png
age: 857706
edge-cache-tag: 563423710147843622780524711784830886326,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 563423710147843622780524711784830886326,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time: 178
req-referer: https://www.wunderground.com/
content-length: 23214
x-request-id: 35952ef11cf78e94b923c6395a92dc36
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kjyo7100107-IAD, cache-iad-kiad7000136-IAD, cache-chi-klot8100142-CHI, cache-iad-kjyo7100038-IAD, cache-lga21926-LGA
last-modified: Wed, 12 Jul 2023 19:44:21 GMT
server: nginx
x-timer: S1690266547.219530,VS0,VE0
etag: "1525c3af4e9aeb586a295729055caab2"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 0, 22, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2bbbae250e087d7fab93c37fc7faff.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: b4c1f73001e11af5c6fa8d8cdd3f5f383e9bdd45f4c6cde223ee3507a0b547cc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/cb2bbbae250e087d7fab93c37fc7faff.jpg
age: 1195427
edge-cache-tag: 332513200906919717486775217017304432928,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 332513200906919717486775217017304432928,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 252
expiration: expiry-date="Sun, 16 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 36452
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200047-IAD, cache-iad-kiad7000168-IAD, cache-sna10729-LGB, cache-iad-kcgs7200134-IAD, cache-lga21926-LGA
last-modified: Thu, 15 Jun 2023 13:54:41 GMT
server: nginx
x-timer: S1690266547.220312,VS0,VE0
etag: "370f8f89683610b3f5491a6df920d008"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 146, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54c0170007e079951b9f66d84c079ac8.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d5172cc3f70bf0421a1b083941bdc7cb790dda2fa3434e62d155093f95efdd5e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/54c0170007e079951b9f66d84c079ac8.jpg
age: 4020685
edge-cache-tag: 489363724588034879350832503657521031558,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 489363724588034879350832503657521031558,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 276
expiration: expiry-date="Sun, 11 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 30436
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000145-IAD, cache-iad-kcgs7200082-IAD, cache-sna10741-LGB, cache-iad-kcgs7200078-IAD, cache-lga21926-LGA
last-modified: Thu, 11 May 2023 19:32:33 GMT
server: nginx
x-timer: S1690266547.220248,VS0,VE0
etag: "ec7510b7fccb7d76e2710cc573cb28fa"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 1, 1, 386, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_637,y_366/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c556174531444778363fb59c56f47515d913bf4f6d206366776f80922147627

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_637,y_366/http%3A//cdn.taboola.com/libtrc/static/thumbnails/173842f9cd2a9bf41e435a724c10b792.jpeg
age: 2996103
edge-cache-tag: 420982242347283116989711341843836928198,610228076642905867087348058792953554915,29ecf9b93bbf306179626feeda1fab70
cache-tag: 420982242347283116989711341843836928198,610228076642905867087348058792953554915,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 275
expiration: expiry-date="Sat, 08 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 62352
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100170-IAD, cache-iad-kjyo7100096-IAD, cache-sna10745-LGB, cache-iad-kjyo7100120-IAD, cache-lga21926-LGA
last-modified: Wed, 07 Jun 2023 20:44:56 GMT
server: nginx
x-timer: S1690266547.220221,VS0,VE0
etag: "c63db79f8f37106b975f4db94178b703"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 80, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_643,y_347/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb891789c5b3832e450e56fb99014cbc.jpeg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 160831a70c1ab2c23b5ec0277c44451aff1c8f07f3d15a6c05b7b96e30cc0e9c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/h_517,w_620,c_fill,g_xy_center,x_643,y_347/http%3A//cdn.taboola.com/libtrc/static/thumbnails/eb891789c5b3832e450e56fb99014cbc.jpeg
age: 4047571
edge-cache-tag: 576823364446798118423071175955765086187,619049618640794777854886532876995114701,29ecf9b93bbf306179626feeda1fab70
cache-tag: 576823364446798118423071175955765086187,619049618640794777854886532876995114701,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 183
expiration: expiry-date="Fri, 23 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.worldjournal.com/
content-length: 49146
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200085-IAD, cache-iad-kcgs7200085-IAD, cache-chi-klot8100104-CHI, cache-iad-kcgs7200175-IAD, cache-lga21926-LGA
last-modified: Tue, 23 May 2023 04:01:18 GMT
server: nginx
x-timer: S1690266547.220207,VS0,VE0
etag: "13c8cdde144675dc4983f8fd2c9f0a22"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 4, 1, 3268, 2

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c808e68d62fbd57648df4b1955ee373.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 88d4c12293f6937d07ec5c3e3cf48cb793ef59f4233bc43adbe71cb6b0aa77b2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-vcl-time-ms: 0
date: Tue, 25 Jul 2023 06:29:07 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_517%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/9c808e68d62fbd57648df4b1955ee373.jpg
age: 1862047
edge-cache-tag: 297392513620392391292804494349902584102,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
cache-tag: 297392513620392391292804494349902584102,604574479198665476732506774197548977405,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 217
expiration: expiry-date="Fri, 21 Jul 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://footballitarin.com/
content-length: 19244
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200033-IAD, cache-iad-kjyo7100136-IAD, cache-lga21980-LGA, cache-iad-kjyo7100036-IAD, cache-lga21926-LGA
last-modified: Tue, 20 Jun 2023 05:20:42 GMT
server: nginx
x-timer: S1690266547.220488,VS0,VE0
etag: "56e2ae1658dd4967bb5edff2756fcf20"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 6516, 2

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 127A 42 B
64 B 32ms
21ms Fetch
image/gif 2607:f8b0:4006:81f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEApUzDXlwgsXkzIGrG48k0e9ukW2DwUWEG_T8LpdiC-Vukf8HMk7Ph91M-9nyXmmBytkW0Nn7nmG_UFH-NjoHJ08oYRiC9DTva2Kgm21xTwPWj1Xo9uo5Lbrq8BdbjIcPEI2KEzOvI55pwrgl0OajgJF0fw4AIt4zsuUEiBbJQZVyQDDT7rR7qfUO6A7QEyx0kktK28c4gDHI-N5FBIUYrbrZcQdDUaMbhAizL5itGvtYWKZVbu1tpNDNYucC4NxtQ17O8cBV87virNfg3IXbzk1GVCbpeGdCibVzLfhMG4NsO439Lm7Kp6vrSb995j0F-VQhka3_2JlVi5YzbodX8VYmX_ckejTXSXGPxrLI2HNO-D6M5LMZ8OPre1ZGgIotDJvWxMK-0O_NTDDY-ZDXCLTEO_gUzzkvaHU8fx5Ff5JzvGCIG9ky6dVb4kkeEZFf9Iu7_22VaoH9y6d0MAP5SkY6VKWv_uQGPrv6rRvcutJyZV3yDRtgYmwgm4wQbln-mGl7m7hGdlH5n1Q91mpQdU0mwWpGynhlS2V8bOYch9nRaEXbmqcHnjvNKU0JOn76BfMpT0_CBW_wCnRu-qqxWS6S-LRBur4eHIDkFTpmlNOCrNN8rKjvec8uKhXm9wFfy2qY-3EkUbDv_-hAirjycLtonT5JRWLH_SbeZtoWNUHUWahhRKjzNQnuy4ps1OEcOvPQRTp2jBDM8dU3LelfppENb4ZL6_SCiGB2gAkjVca2TNFqk78f84j2WNF04NbvVWWUo1CMP6VeJJkC-2XxTwG2B1zoRBc0MjjeQIedFXN3BmNm-UZXyNO7cPInILT_xpteqHtRSrD4x2DEB8agRsg4T6yP-eMf77ZaHePjewV9CWAA4UquhJljplC5dOSXnkjtYu5O8lEOb1miEXVNaROcvk-YlE_WpSQE7nDhPltmeJa_7CZGZG1t2f57hB1V-ei8YZHxg62o4Lv-xtrZRgchyknbthixYNd93Pf41g68B7WFw1-LKwk8sstb2stgmqPW4Fp30DcbCYtEPg3PE1Xz_mpE5epAEvbNq3yyaN7LfYLaYT8yjXYgte8LFWr-VXP2MKJJGYL34l7J4Tq-KYiZXHS5clWZ5mMIlsh84M03i3EUSY1HKu-5blz-OCnE5KdINVQ7OJ5k7rkMeh9dg-d6_RxOFNYn8_w_aOAyt7VUzw3KitVEsxS8E_SOR8bSpi4CKrmM1aJdC-99zspbAAtFCPuG1KYlwZAAHH2uP0SAAtajyuvhmIuHMoZlNMwCu2pbSUmsRaIsns8MIlWeyW69X5hVfzg7RzvcEH4LaQ&sai=AMfl-YTMl4m7FtZ_SwxNAfAaZxisHTUxcy1JVb64AdwK1eT1CLH4CQYKqatw5pFyI04LJUp_d-pkg9dlApmIOMD1UbXvpUawCrYJ6A&sig=Cg0ArKJSzPxQkWJKkIIjEAE&cid=CAQSGwBpAlJWsP-PJaJvVB5i84yksgD-L7ZY39VpmBgB&id=lidar2&mcvt=1001&p=0,0,50,320&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230719&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3014809764&rs=1&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690266546536&rpt=152&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81f::2002 Stony Point, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 06:29:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame B0D4 254 B
765 B 3ms
3ms Image
image/png 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://d-3786596282526573553.ampproject.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Tue, 25 Jul 2023 06:29:08 GMT
via: 1.1 varnish
x-amz-request-id: P8PSAVRZHT7YRZRF
age: 15349
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: KQJ329eRjgJVVnDZFeVZG4nc/m+c1tWcipV7e6ImwtogPm0dN3g9TKzTG9+Pkfq340NoZZoTb+s=
x-served-by: cache-lga21926-LGA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1690266548.208089,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 26
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 1306

POST
H2 204 bulk Show response
trc.taboola.com/nexstar-ktla/log/3/ Frame B0D4 0
469 B 25ms
25ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nexstar-ktla/log/3/bulk?route=US%3ACH%3AV&lti=google-vigentte-opportunity_var&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230720-1_b1-PR-59176-DEV-138063-trigger-vignette-on-taboola-oc-clicks-regardless-of-google-vigne-63ba223f201.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://d-3786596282526573553.ampproject.net/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 21
date: Tue, 25 Jul 2023 06:29:09 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 19652
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-lga21926-LGA
pragma: no-cache
server: nginx
x-timer: S1690266549.192292,VS0,VE21
content-type: image/gif
access-control-allow-origin: https://d-3786596282526573553.ampproject.net
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 201 track
nexstar.amp.permutive.com/ 0
14 B 81ms
81ms Image
text/plain 34.107.213.183
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nexstar.amp.permutive.com/track?k=fc894c11-5ec8-48d7-b952-0a3aefdb3968&i=amp-jCPaO2l6YZJHH0f-Husqsg&it=amp&vid=_6tu4V1WThoJ729B54wVSA&s=_6tu4V1WThoJ729B54wVSA&e=PageviewEngagement&_ep_engaged_time=5&_ep_client.type=amp&_ep_client.title=NASA%20employee%20admits%20to%20COVID-19%20fraud%20to%20fund%20illegal%20cannabis%20cultivation&_ep_client.domain=ktla.com&_ep_client.url=https%3A%2F%2Fktla.com%2Fnews%2Fcalifornia%2Fnasa-employee-admits-to-defrauding-covid-19-programs-to-fund-illegal-weed-operation%2F&_ep_client.referrer=&_ep_client.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.102%20Safari%2F537.36&_ep_content.pageType=article&_ep_content.authorName=Travis%20Schlepp&_ep_content.providerName=Nexstar&_ep_content.categoryList!list%5Bstring%5D=%22California%2C%20Local%20News%2C%20News%22&_ep_content.primaryCategory=California&_ep_content.wordCount=345&_ep_content.paragraphCount=11&_ep_content.tagList!list%5Bstring%5D=&_ep_content.nlpCategories1=%2FLaw%20%26%20Government%2FPublic%20Safety&_ep_content.nlpCategories2=&_ep_content.nlpCategories3=&_ep_content.nlpConsumerGood=&_ep_content.nlpEvent=downturn&_ep_content.nlpLocation=Jet%20Propulsion%20Laboratory%2CPasadena&_ep_content.nlpOrganization=NASA%2Cbusiness%2Cgovernment%2CCOVID%2Cbusinesses&_ep_content.nlpPerson=Armen%20Hovanesian%2Cemployee%2Cindividuals%2Cbudget-planning%20resource%20analyst%2Cscammers&_ep_page.utmCampaign=&_ep_page.utmMedium=&_ep_page.utmSource=&_ep_content.nlpSentimentScore=-0.3&_ep_content.nlpSentimentMag=5.7
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.107.213.183 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 183.213.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://ktla.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 06:29:09 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

30 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.taboola.com/nexstar-ktla/	1969-12-31 23:59:59	Name: taboola_session_id Value: v2_effc89ebc0a7c6b7c03c500489eb1192_dec1eddc-3f39-4f46-8701-567fe1f04138-tuctbb8f131_1690266545_1690266545_CNawjgYQ-NxeGL_c8t2YMSABKAEw4QE4kaQOQKm8DkjNy9sDUJUEWABgAGjVmdKK47T5ueQBcAE
.ktla.com/	1970-01-20 22:16:42	Name: _ga Value: amp-jCPaO2l6YZJHH0f-Husqsg
.ktla.com/	1970-01-20 22:16:42	Name: _cb Value: amp-IH8IqQ2tE2T2Q1M4jKxBOA
.ktla.com/	1970-01-20 22:16:42	Name: comScore Value: amp-PrPPLQtFh8rksTLu6gea0A
.ktla.com/	1970-01-20 22:16:42	Name: imrworldwide Value: amp-xF7eZTEhJdDp-l11RZ_Icg
.scorecardresearch.com/	1970-01-20 23:07:06	Name: UID Value: 1F983c93e067241a7a704d51690266544
nexstar.amp.permutive.com/	1969-12-31 23:59:59	Name: AMP_CLIENT_ID Value: amp-jCPaO2l6YZJHH0f-Husqsg
.nexstar.amp.permutive.com/	1970-01-20 17:56:04	Name: permutive-id Value: 06cd8c36-e0d3-4c64-a20b-fec39b5aea9e
cdn.taboola.com/	1970-01-20 13:31:17	Name: abLdr Value: 9
.teads.tv/	1970-01-20 22:15:16	Name: tt_viewer Value: cd3c203d-602f-4257-92c8-49a7fceca255
.taboola.com/	1970-01-20 22:16:42	Name: t_gid Value: dec1eddc-3f39-4f46-8701-567fe1f04138-tuctbb8f131
.teads.tv/	1970-01-20 13:32:32	Name: tt_exelate Value:
.teads.tv/	1970-01-20 13:32:32	Name: tt_bluekai Value:
.teads.tv/	1970-01-20 13:32:32	Name: tt_liveramp Value:
.teads.tv/	1970-01-20 13:32:32	Name: tt_neustar Value:
.teads.tv/	1970-01-20 13:32:32	Name: tt_salesforce Value:
.doubleclick.net/	1970-01-20 23:07:06	Name: IDE Value: AHWqTUlTu_9JfAeyLSarOr1eae_HkMz0vjl4uJ-rU_Vu-gPgAdFXIHX9CWHJjeAx8Aw
.adsrvr.org/	1970-01-20 22:18:08	Name: TDID Value: 0a438c29-0da2-460a-80f0-898143f551c4
.agkn.com/	1970-01-20 22:16:42	Name: ab Value: 0001%3ATvnmCBDK9FlGx9GC0FnlRINPjVbl%2Be63
.criteo.com/	1970-01-20 22:52:42	Name: uid Value: 745e32ad-29c8-474d-a43b-443d2f2e89ab
.krxd.net/	1970-01-20 17:50:18	Name: _kuid_ Value: PseFOs4V
.exelator.com/	1970-01-20 16:23:54	Name: EE Value: "3f80f5d599566c543e8fdee02790edf6"
.adsrvr.org/	1970-01-20 22:18:08	Name: TDCPM Value: CAEYBSABKAIyCwiOl8bY5biGPBAFOAE.
.yahoo.com/	1970-01-20 22:17:04	Name: A3 Value: d=AQABBLJrv2QCEEk6TBRC2tg9jtmNh5vjifUFEgEBAQG9wGTJZAAAAAAA_eMAAA&S=AQAAAhwwVS-7z5GA7Drv853ox9A
.exelator.com/	1970-01-20 16:23:54	Name: ud Value: "eJxrXxzq6XKLQcE4zcIgzTTF1NLS1Mws2dTEONUiLSU11cDI3NIgNSXNbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6otDgxUUpaQyLSopPBR85eg8AqssrOQ%253D%253D"
.doubleclick.net/	1970-01-20 13:31:07	Name: test_cookie Value: CheckForPermission
bob.dmpxs.com/	1970-01-20 23:07:06	Name: bob_c_id Value: 198526364d9d5bcabfd1f6782846d8f6b1c5f0a1047466dffdc10da2e4b4dad04561a4e44fc7
.bluekai.com/	1970-01-20 17:56:04	Name: bku Value: m3X99nJgFtHtVR9l
.bluekai.com/	1970-01-20 17:56:04	Name: bkpa Value: KJy9R9Y4d02pSUHknpx6meDTwtkAwVBA1t101eBAnERy1ZR+Be/NB0681Z1TnEx8RE5ZRtPMRE/NBP2NzN2Nz0jLSVNo5e6hJZ5AzcJ4Rt2rztPr5e6ZUlx21ER81e/tBMD6BM/8m919PmAzqx==
.nexstar.amp.permutive.com/	1970-01-20 17:56:04	Name: _pdfps Value: %5B%5D

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://cdn.ampproject.org/rtv/012307052224000/v0/amp-ad-network-doubleclick-impl-0.1.js(Line 1) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other	warning	URL: https://a.teads.tv/media/format/v3/teads-format.min.js Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://idsync.rlcdn.com/474599.gif?partner_uid=cd3c203d-602f-4257-92c8-49a7fceca255_us&cv=&_t=1690266546298 Message: Failed to load resource: the server responded with a status of 400 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3a6b0682-f3e1-4576-a706-5eb4101b9cc3.prmutv.co
3p.ampproject.net
474b8a24e7e185dd989227e0109409ad.safeframe.googlesyndication.com
5326663b794e3aba0de57d9529c35a4c.redinuid.imrworldwide.com
a.teads.tv
aa.agkn.com
aax.amazon-adsystem.com
adservice.google.com
api.permutive.com
api.segment.io
beacon.krxd.net
bob.dmpxs.com
cdn.ampproject.org
cdn.permutive.com
cdn.taboola.com
ch-trc-events.taboola.com
cloudapi.imrworldwide.com
cm.g.doubleclick.net
d-3786596282526573553.ampproject.net
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
images.taboola.com
ktla.com
load77.exelator.com
loadm.exelator.com
match.adsrvr.org
nexstar.amp.permutive.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.wp.com
pr-bh.ybp.yahoo.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
sync.springserve.com
sync.teads.tv
t.teads.tv
tags.bluekai.com
tpc.googlesyndication.com
trc.taboola.com
uaid-linkage.imrworldwide.com
www.googletagservices.com
www.gstatic.com
100.21.234.211
100.24.249.94
100.24.76.129
104.19.149.54
108.138.126.121
13.225.214.50
141.226.124.48
142.250.72.98
151.101.1.44
173.223.57.118
173.223.57.84
18.164.96.18
18.211.18.109
192.0.66.128
192.0.76.3
23.199.49.95
23.201.24.168
2600:1f18:4e9:5a01:7b32:ed2c:a71c:1e11
2607:f8b0:4006:80b::2002
2607:f8b0:4006:80c::2002
2607:f8b0:4006:80d::2003
2607:f8b0:4006:80d::200a
2607:f8b0:4006:816::2001
2607:f8b0:4006:81f::2002
2607:f8b0:4006:81f::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:824::2003
2620:100:a001::c
2a02:6ea0:c400::11
34.107.213.183
34.107.254.252
34.193.236.118
34.229.3.43
35.190.60.146
35.241.9.51
44.240.52.117
52.1.200.9
52.223.40.198
52.71.200.83
68.67.179.87
74.119.119.150
00ac66c3c07aa0dec44496dddeb2e4c2238be13dd36bb152a22b4a55a9867eed
0314c69e4c651acdc1d9234a1f203c43f15e650f6625d53729e397b74f8a911e
037ef0fd4314aa8be67b325bc6e8024b2fba3ebe968282e7df0fc210cc3798e6
0412ef2076b179b58e98f706cd96705e144c72900b96988f2841c33f25cfee2e
04fad234975a198a280549aeeb4dd5067fcaa6b7c8abce5aabdbada01d44d1a9
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1314eecea89ff2884d72978ec67e3c83744fb115db7fcc74922ad65b8f5e186e
14cfb5058acaf3af2f07088f1582f29941d7a4cc74fd1cea5050cecad862d154
14e37dece6eba256348b4edd9f3eddce0eec7e3681e48ba721701181c2127f6e
160831a70c1ab2c23b5ec0277c44451aff1c8f07f3d15a6c05b7b96e30cc0e9c
1758e90b6096391cb69e5ee54740e0c257885eff292eecec9eb0278d0dc4e1b3
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
265b35d7c4b4b654a3104411cac5b64289bda6794a40acad59e2acc07e6923a6
2a6e3c8497dc1fcc4c3318ee1c6fcd88cbaa89c76fad2a3ddcdadfeb46a9dac1
2c556174531444778363fb59c56f47515d913bf4f6d206366776f80922147627
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
342fa2269b0fe46d405b331bec919aa9e92b0caf56b784e9591091f73a8cfe91
3693c4f22cf371a66d7a0934dc60c49866b423a99130387ab07807c90ce41bba
3a43b9d216d5728ec7a1d9c4d8cc24ab230e88e0f9ac050cce915612ab631432
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
4098b51f0f26740421fb034a87afbad74205a1969703b3be9908962067187bf9
40eb66503bd43a0d8f708d53ceb4d192c8f29c8351ebef1d492ad8f831fea511
4364c5beedd0ad6b3fa73f64d3bcd58a80c52979612eb794475dc149f097250a
44f8db9dea006b836013439ae18ad01343ca533e1457074d0b6c38dc69e5ceed
463947d0709c9f435ed523b82dd8bbccf1ea8c25dc8f08900c90c51948210665
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
481d77f5d1a9c24f102bb6af246ecbff595011e0d73e70b652c39d702565d47d
4a084be63d0bb214c1239d602332cfa9c12d7094ee5e35e184f4d93e37d0c07a
4a7746d4b5f8bb89b2ae9d3dba3cbd141b8234465f8c88f0ddf66b6650ad3c08
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
54777297dedac74ef851b30da601cbc4039c938d776e4ea0f00d05980af761d7
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
672b995d583a6ee58d04fdf327d676ae2b4299092a5201e269774bd0d3d7c0ca
67edbe1fe2a38ebf16fc36b42cc267e37f18629ec79feae7a177178bf6e24d89
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b913d6f06cebe5484a2bf0de91fa809e331c5b4c7885a8bb67e971f1be57c48
6bcbc4b8f648abcf614e8e01e6fee71a9a91bbd38443e515eb527a91979dce06
7a778ebcae153771e99dd12d32647dc138e5c624303806b95f2563975c401d7e
7b4c69f19139e33465fa431faa4b2279fbe824ad4c2034cb1a2c9fbf109ec6a1
7be40087e4a6c4ccb2ffc814fe83bd24a3e76fa267fb60ec0d8ec317228bb4f4
817ba010914030ce923641e0b18060d6cf1da6355d7837cbef1f7b5f9ab70b60
87f4a932f340e5ef9be76dcff895116b4f8f8f6e8a71138cf62c7e51c3687e96
88d4c12293f6937d07ec5c3e3cf48cb793ef59f4233bc43adbe71cb6b0aa77b2
8d26fa1ea384423ceff755fbe1b55a76e37a4aef02d6935fa3cf62f2c01bae48
8e050f7ab773ceaab04e4fbc4fdb10ce2514b39d1a2b006a2f03079941cd4c07
95c0c4a5c130416dc7d9fb76e4c65201429a0fe8f00e763fb325fe8c437f6612
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9ca52c50c0fc668c4cea3b3c14749411f1dcb3a4b0feac1ed9b20c7b231964ee
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
a9250fb90084aef46dd868212d4c01f29d250822859c2f57d59b19549a09767c
aa86df1d4cf007753ba47f56c8e26305ea29bc3898c97ba6c433b85a3f33ba64
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4c1f73001e11af5c6fa8d8cdd3f5f383e9bdd45f4c6cde223ee3507a0b547cc
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
bf0e5c07efb096d022318ee0ce8a34c01fb0f491f737eb41557121d759b0c010
c41fc4288f7c6003f1456f50beeb30726aea3bba3655a3c0bf137c2899992288
c45a23bfb4219abac5d0b559dfe17a6b0243e76b10f1100e63009c4d8244d628
ca7a3967ff9651151a28b3a5f270a56cde8283eb40a6686467183ba9f8fc829d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d17c2e04908716de74d6e8bd4c4b3957802077a2f9601bee32611280546cae26
d29f048afff7a94c65454d3488f2b6dbe7523683eeba57f0d1ea88bcd9e9a07c
d399f9c8c92526fb78b76514e4071a337e24370882e9a3dbf1b649f5cc289716
d4d6a95e8dd6252c30717fa715d5007ea4c15aa078b6eea84fd74eb8ea5f3310
d5172cc3f70bf0421a1b083941bdc7cb790dda2fa3434e62d155093f95efdd5e
dabecd6b2a4e1aeedaa12cf3fd3a0c74face6777338d09ff23a882d74c9e6be6
e015e222890d6e392101d338d689853c302c2fd59fe35966f9ed17af10f489bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42abf1d9a5316a864c88a2dd698e068f3cd14f67457a662ec2dc2de0c451e63
ee1f6e4fa5f44a944a23f3f894b45a5a7f321bb85db9e26a9523fb27b4e4d7b6
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f26fdcb17f393c3089e111ad89932f60c188e2c1d6f7e4ec87bf00debe5fc009
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4c37f74951f66c1947f586a78cee7ee48211226ef5d7a75c5735c73dfb586c9
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f6989df08ea454d239d1995075c11729e6b506375b3e71e803d9e86c99be1551

ktla.com Open in urlscan Pro 192.0.66.128 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

118 Requests

91 %HTTPS

29 %IPv6

30 Domains

46 Subdomains

37 IPs

2 Countries

2075 kBTransfer

6844 kBSize

30 Cookies

1 Outgoing links

Redirected requests

118 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

ktla.com Open in urlscan Pro
192.0.66.128 Public Scan

Screenshot
Live screenshot

Full Image

118
Requests

91 %
HTTPS

29 %
IPv6

30
Domains

46
Subdomains

37
IPs

2
Countries

2075 kB
Transfer

6844 kB
Size

30
Cookies

118 HTTP transactions
6 data transactions