www.nbcwashington.com Open in urlscan Pro
96.16.128.69 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Submission: On November 04 via api (November 4th 2022, 6:52:12 pm UTC) from US — Scanned from DE

Summary HTTP 312 Redirects Links 57 Behaviour Indicators

Summary

This website contacted 60 IPs in 6 countries across 46 domains to perform 312 HTTP transactions. The main IP is 96.16.128.69, located in Frankfurt am Main, Germany and belongs to AKAMAI-AS, US. The main domain is www.nbcwashington.com. The Cisco Umbrella rank of the primary domain is 233753.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 28th 2022. Valid for: a year.

This is the only time www.nbcwashington.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
41	96.16.128.69 96.16.128.69	16625 (AKAMAI-AS) (AKAMAI-AS)
15	2a02:26f0:170... 2a02:26f0:1700:385::507	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6810:9540	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2.19.107.55 2.19.107.55	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a02:26f0:170... 2a02:26f0:1700:494::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	108.138.7.41 108.138.7.41	16509 (AMAZON-02) (AMAZON-02)
1	18.66.147.70 18.66.147.70	16509 (AMAZON-02) (AMAZON-02)
1	104.18.12.76 104.18.12.76	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
6	2a02:26f0:350... 2a02:26f0:3500:589::5ac	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2606:4700:440... 2606:4700:4400::ac40:929e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:205... 2600:9000:2057:1000:18:1fcd:351:7bc1	16509 (AMAZON-02) (AMAZON-02)
4	18.66.147.86 18.66.147.86	16509 (AMAZON-02) (AMAZON-02)
35	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
4	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	18.65.39.27 18.65.39.27	16509 (AMAZON-02) (AMAZON-02)
4	99.81.236.184 99.81.236.184	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	34.202.126.101 34.202.126.101	14618 (AMAZON-AES) (AMAZON-AES)
3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 () ()
16	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	52.215.141.21 52.215.141.21	16509 (AMAZON-02) (AMAZON-02)
1	52.44.88.224 52.44.88.224	14618 (AMAZON-AES) (AMAZON-AES)
1	3.250.251.255 3.250.251.255	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:205... 2600:9000:2057:e000:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
3	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
3	13.36.218.177 13.36.218.177	16509 (AMAZON-02) (AMAZON-02)
4	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	2a04:4e42:200... 2a04:4e42:200::645	54113 (FASTLY) (FASTLY)
1	52.71.228.112 52.71.228.112	14618 (AMAZON-AES) (AMAZON-AES)
4	2a02:2638::24 2a02:2638::24	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
54	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
11	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	54.76.60.98 54.76.60.98	16509 (AMAZON-02) (AMAZON-02)
1 1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a04:4e42::645 2a04:4e42::645	54113 (FASTLY) (FASTLY)
2	2600:9000:239... 2600:9000:2394:9400:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:170... 2a02:26f0:1700:1b4::507	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	104.18.8.110 104.18.8.110	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	3.83.210.131 3.83.210.131	14618 (AMAZON-AES) (AMAZON-AES)
3	3.69.181.162 3.69.181.162	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1 2	216.58.212.134 216.58.212.134	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:350... 2a02:26f0:3500:5::17d8:4d0d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	52.208.54.255 52.208.54.255	16509 (AMAZON-02) (AMAZON-02)
10	23.35.229.151 23.35.229.151	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:1f18:612... 2600:1f18:612b:4232:669d:1752:f0d7:2482	14618 (AMAZON-AES) (AMAZON-AES)
4 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	3.94.178.28 3.94.178.28	14618 (AMAZON-AES) (AMAZON-AES)
312	60

41 96.16.128.69 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-128-69.deploy.static.akamaitechnologies.com

www.nbcwashington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a02:26f0:1700:385::507 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media.nbcwashington.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
media.nbcnewyork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6810:9540 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2.19.107.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-107-55.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:494::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.7.41 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-41.fra56.r.cloudfront.net

native.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-70.fra60.r.cloudfront.net

ak.sail-horizon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.12.76 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (San Francisco, United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:26f0:3500:589::5ac (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

data.nbcstations.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:929e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:1000:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.147.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-86.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imprammp.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

c2.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.perfectmarket.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vidstat.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.27 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-27.ams1.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.81.236.184 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-236-184.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.202.126.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-126-101.compute-1.amazonaws.com

id.sv.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 ()
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.215.141.21 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-141-21.eu-west-1.compute.amazonaws.com

mb.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
geo.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.88.224 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-88-224.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.250.251.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-251-255.eu-west-1.compute.amazonaws.com

nbcuni.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:e000:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

nbcume.sc.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.36.218.177 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

nbcume.hb.omtrdc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.19.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::645 (United States)

ASN54113 (FASTLY, US)

jssdkcdns.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.71.228.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-71-228-112.compute-1.amazonaws.com

link.theplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::24 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

54 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-match.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
am-vid-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.76.60.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

nbcu.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a04:4e42::645 (United States)

ASN54113 (FASTLY, US)

identity.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
jssdks.mparticle.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2394:9400:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:1700:1b4::507 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

media.nbcmiami.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.8.110 (Shahr, Iran, Islamic Republic Of)

ASN13335 (CLOUDFLARENET, US)

ds.reson8.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.83.210.131 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-83-210-131.compute-1.amazonaws.com

mid.rkdms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.69.181.162 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-181-162.eu-central-1.compute.amazonaws.com

5d4a1.v.fwmrm.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.134 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f134.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:3500:5::17d8:4d0d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

nbclim-f.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.208.54.255 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 23.35.229.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-151.deploy.static.akamaitechnologies.com

nbcudisplay.s.moatpixel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4232:669d:1752:f0d7:2482 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

taboola-supply-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 4 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.94.178.28 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-94-178-28.compute-1.amazonaws.com

nbcu.track.securedvisit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
91	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1049 c2.taboola.com — Cisco Umbrella Rank: 12652 trc.taboola.com — Cisco Umbrella Rank: 810 trc-events.taboola.com — Cisco Umbrella Rank: 1697 vidstat.taboola.com — Cisco Umbrella Rank: 3102 am-trc-events.taboola.com — Cisco Umbrella Rank: 16206 images.taboola.com — Cisco Umbrella Rank: 1595 imprammp.taboola.com — Cisco Umbrella Rank: 9990 am-match.taboola.com — Cisco Umbrella Rank: 9959 am-vid-events.taboola.com — Cisco Umbrella Rank: 9265 sync-t1.taboola.com — Cisco Umbrella Rank: 1438	947 KB
51	nbcwashington.com www.nbcwashington.com — Cisco Umbrella Rank: 233753 media.nbcwashington.com — Cisco Umbrella Rank: 513509	1 MB
19	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 264 cm.g.doubleclick.net — Cisco Umbrella Rank: 320 ad.doubleclick.net — Cisco Umbrella Rank: 208	183 KB
17	googlesyndication.com d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 167 pagead2.googlesyndication.com — Cisco Umbrella Rank: 131	303 KB
11	moatads.com z.moatads.com — Cisco Umbrella Rank: 598 mb.moatads.com — Cisco Umbrella Rank: 892 geo.moatads.com — Cisco Umbrella Rank: 862 px.moatads.com — Cisco Umbrella Rank: 620	534 KB
10	moatpixel.com nbcudisplay.s.moatpixel.com — Cisco Umbrella Rank: 23189	3 KB
9	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 635	150 KB
8	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 743 as-sec.casalemedia.com — Cisco Umbrella Rank: 2125	3 KB
7	criteo.com 1 redirects bidder.criteo.com — Cisco Umbrella Rank: 866 gum.criteo.com — Cisco Umbrella Rank: 481 mug.criteo.com — Cisco Umbrella Rank: 1946	9 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 134 www.google.com — Cisco Umbrella Rank: 17	1 KB
7	demdex.net dpm.demdex.net — Cisco Umbrella Rank: 285 nbcuni.demdex.net — Cisco Umbrella Rank: 14413 nbcu.demdex.net — Cisco Umbrella Rank: 16103	11 KB
6	omtrdc.net nbcume.sc.omtrdc.net — Cisco Umbrella Rank: 18889 nbcume.hb.omtrdc.net — Cisco Umbrella Rank: 20409	2 KB
6	nbcstations.com data.nbcstations.com	42 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	216 KB
5	nbcnewyork.com media.nbcnewyork.com — Cisco Umbrella Rank: 183658	200 KB
4	spotxchange.com 4 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 799	3 KB
4	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 774	2 KB
4	mparticle.com jssdkcdns.mparticle.com — Cisco Umbrella Rank: 7367 identity.mparticle.com — Cisco Umbrella Rank: 2112 jssdks.mparticle.com — Cisco Umbrella Rank: 6888	46 KB
4	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 207	56 KB
3	akamaihd.net nbclim-f.akamaihd.net — Cisco Umbrella Rank: 232145	2 MB
3	fwmrm.net 5d4a1.v.fwmrm.net — Cisco Umbrella Rank: 213247	3 KB
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 457	922 B
3	rkdms.com 1 redirects id.sv.rkdms.com — Cisco Umbrella Rank: 5622 mid.rkdms.com — Cisco Umbrella Rank: 1905	242 B
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 817 api2.branch.io — Cisco Umbrella Rank: 493	23 KB
3	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 467	82 KB
2	tremorhub.com taboola-supply-partners.tremorhub.com — Cisco Umbrella Rank: 3521	365 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 118	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 5594	914 B
2	perfectmarket.com widget.perfectmarket.com — Cisco Umbrella Rank: 4035	33 KB
2	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 1038	560 B
2	wp.com stats.wp.com — Cisco Umbrella Rank: 3367 pixel.wp.com — Cisco Umbrella Rank: 2816	3 KB
1	securedvisit.com nbcu.track.securedvisit.com — Cisco Umbrella Rank: 19461	24 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 404	620 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 750	14 KB
1	reson8.com ds.reson8.com — Cisco Umbrella Rank: 4285	96 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 1577	675 B
1	nbcmiami.com media.nbcmiami.com — Cisco Umbrella Rank: 153189	24 KB
1	theplatform.com link.theplatform.com — Cisco Umbrella Rank: 11729	2 KB
1	app.link app.link — Cisco Umbrella Rank: 2492	594 B
1	chartbeat.net ping.chartbeat.net — Cisco Umbrella Rank: 1349	201 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 1057	364 B
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 782	40 KB
1	chartbeat.com static.chartbeat.com — Cisco Umbrella Rank: 1610	15 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 903	33 KB
1	sail-horizon.com ak.sail-horizon.com — Cisco Umbrella Rank: 3878	44 KB
1	sharethrough.com native.sharethrough.com — Cisco Umbrella Rank: 3234	77 KB
312	46

	Domain	Requested by
45	am-trc-events.taboola.com	www.nbcwashington.com
41	www.nbcwashington.com	www.nbcwashington.com
23	images.taboola.com	www.nbcwashington.com
16	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.nbcwashington.com
11	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
10	nbcudisplay.s.moatpixel.com	www.nbcwashington.com
10	media.nbcwashington.com	www.nbcwashington.com
9	cdn.taboola.com	www.nbcwashington.com cdn.taboola.com
9	cdn.cookielaw.org	www.nbcwashington.com cdn.cookielaw.org
6	data.nbcstations.com	www.nbcwashington.com data.nbcstations.com
6	z.moatads.com	www.nbcwashington.com securepubads.g.doubleclick.net
5	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	www.google.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	trc-events.taboola.com	www.nbcwashington.com
5	www.googletagservices.com	www.nbcwashington.com securepubads.g.doubleclick.net
5	media.nbcnewyork.com	www.nbcwashington.com data.nbcstations.com
4	sync.search.spotxchange.com	4 redirects
4	beacon.krxd.net	www.nbcwashington.com
4	as-sec.casalemedia.com	js-sec.indexww.com
4	bidder.criteo.com	static.criteo.net
4	htlb.casalemedia.com	js-sec.indexww.com
4	dpm.demdex.net	assets.adobedtm.com www.nbcwashington.com
4	sb.scorecardresearch.com	www.nbcwashington.com
3	px.moatads.com	www.nbcwashington.com
3	nbclim-f.akamaihd.net	www.nbcwashington.com
3	5d4a1.v.fwmrm.net	www.nbcwashington.com
3	nbcume.hb.omtrdc.net	www.nbcwashington.com
3	nbcume.sc.omtrdc.net	assets.adobedtm.com www.nbcwashington.com
3	match.adsrvr.org	js-sec.indexww.com imprammp.taboola.com am-match.taboola.com
3	assets.adobedtm.com	www.nbcwashington.com assets.adobedtm.com
2	gum.criteo.com	1 redirects static.criteo.net
2	sync-t1.taboola.com	imprammp.taboola.com am-match.taboola.com
2	taboola-supply-partners.tremorhub.com	imprammp.taboola.com am-match.taboola.com
2	ad.doubleclick.net	1 redirects www.nbcwashington.com
2	fonts.googleapis.com	data.nbcstations.com
2	mid.rkdms.com	1 redirects www.nbcwashington.com
2	api2.branch.io	cdn.branch.io
2	identity.mparticle.com	jssdkcdns.mparticle.com
2	nbcu.demdex.net	assets.adobedtm.com
2	trc.taboola.com	cdn.taboola.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	widget.perfectmarket.com	cdn.taboola.com widget.perfectmarket.com
2	geolocation.onetrust.com	cdn.cookielaw.org
1	jssdks.mparticle.com	jssdkcdns.mparticle.com
1	nbcu.track.securedvisit.com	www.nbcwashington.com
1	mug.criteo.com
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.nbcwashington.com
1	am-vid-events.taboola.com	www.nbcwashington.com
1	am-match.taboola.com	vidstat.taboola.com
1	imprammp.taboola.com	vidstat.taboola.com
1	geo.moatads.com	z.moatads.com
1	vidstat.taboola.com	cdn.taboola.com
1	ds.reson8.com	www.nbcwashington.com
1	cms.analytics.yahoo.com	1 redirects
1	media.nbcmiami.com	www.nbcwashington.com
1	cm.g.doubleclick.net	1 redirects
1	link.theplatform.com	www.nbcwashington.com
1	jssdkcdns.mparticle.com	www.nbcwashington.com
1	d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	app.link	cdn.branch.io
1	nbcuni.demdex.net	assets.adobedtm.com
1	ping.chartbeat.net	www.nbcwashington.com
1	mb.moatads.com	z.moatads.com
1	pixel.wp.com	www.nbcwashington.com
1	api.rlcdn.com	js-sec.indexww.com
1	id.sv.rkdms.com	js-sec.indexww.com
1	static.criteo.net	js-sec.indexww.com
1	cdn.branch.io	www.nbcwashington.com
1	c2.taboola.com	www.nbcwashington.com
1	static.chartbeat.com	www.nbcwashington.com
1	stats.wp.com	www.nbcwashington.com
1	js-sec.indexww.com	www.nbcwashington.com
1	ak.sail-horizon.com	www.nbcwashington.com
1	native.sharethrough.com	www.nbcwashington.com
312	76

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.idtheftcenter.org
apps.apple.com
play.google.com
unit42.paloaltonetworks.com
www.paloaltonetworks.com
www.wegatech.de
popup.taboola.com
ccdb65.pzzqvpjlfkbmb.com
www.merkur24.com
signup.taboola.com
ad.doubleclick.net
www.thefounded.com
instagram.com
publicfiles.fcc.gov
www.nbcuniversal.com
together.nbcuni.com
nbcwashington.com
cozitv.com
support.google.com
support.apple.com
support.mozilla.org
support.microsoft.com
policies.google.com
tools.google.com
www.adobe.com
mixpanel.com
www.aboutads.info
youradchoices.ca
www.youronlinechoices.com
www.youronlinechoices.com.au
liveramp.com
www.onetrust.com

Subject Issuer	Validity	Valid
www.nbcnewyork.com DigiCert SHA2 Secure Server CA	`2022-02-28` - `2023-03-01`	a year	crt.sh
media.nbcnewyork.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-25` - `2023-09-27`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
ak.sail-horizon.com Amazon	`2022-01-06` - `2023-02-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2022-06-11` - `2023-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-01-12` - `2023-01-12`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2022-05-06` - `2023-06-03`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2021-11-28` - `2022-12-29`	a year	crt.sh
*.branch.io Amazon	`2022-10-11` - `2023-11-09`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
securedvisit.com Amazon	`2022-10-29` - `2023-11-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.moatads.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-05`	a year	crt.sh
widget.perfectmarket.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-09-27` - `2023-10-29`	a year	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2021-12-01` - `2022-12-30`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-02-17` - `2023-03-07`	a year	crt.sh
*.hb.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-02` - `2023-01-02`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
jssdkcdns.mparticle.com R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh
link.theplatform.com Entrust Certification Authority - L1K	`2022-03-02` - `2023-04-01`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
identity.mparticle.com Go Daddy Secure Certificate Authority - G2	`2022-07-09` - `2023-07-07`	a year	crt.sh
*.v.fwmrm.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-29` - `2022-12-30`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-10-17` - `2023-01-09`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2022-06-28` - `2023-06-30`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-10-19`	a year	crt.sh
*.tremorhub.com Amazon	`2022-03-24` - `2023-04-22`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-01-10` - `2023-02-10`	a year	crt.sh
*.track.securedvisit.com Amazon	`2022-09-28` - `2023-10-27`	a year	crt.sh
jssdks.mparticle.com R3	`2022-10-23` - `2023-01-21`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Frame ID: 22FFD35D619967393AB8CE2E2B83F12D
Requests: 271 HTTP requests in this frame

Frame: https://data.nbcstations.com/national/2022/DC/ransomware/
Frame ID: 67A2767753CF55A081BC71A77151B406
Requests: 12 HTTP requests in this frame

Frame: https://nbcuni.demdex.net/dest5.html?d_nsid=0
Frame ID: 6350DFAE7FC0ED9DC3AF5D89C2AB828D
Requests: 5 HTTP requests in this frame

Frame: https://d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html
Frame ID: 73D4829E8CAEFBA71A4FE53686D6B9EF
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5c9hqmlfQq-c_5PP5oW5Ts1F7K2fRmNTPyxDAU1niTEB8fj7GHXKv7AlP3dY1LJu5HPgl0y0AB2wXWEypOYEw6sB3EqBLnmUOoLleEbhTdFqqnEceDrlFCQBLvnY9qla88Gzt7R39bRn7a_5dk7yNchUeIkToSjYCJBLgGpHY4jPv9w4jXvj_h6lb4HzElc2Ki5zRdNBXyN6ik7elfg39osXdvQBzsq_NcYG9Rd0mJ8Nk9yJH5fWmBeInKxZuE4oh_SHEvJWKKYNEloJD0sm1oiD0YK691MJi9lzlEokzazIGMgYpyQTkdy6b9s8WKsHTVSC_S9uD8nQhXH2bqtXy-_FKLuREBVjnSJS-YUei&sai=AMfl-YQQw9cBTf6GiZK5vCAFYItj8n9aDeppZ9CvA8glz80CwGoOHnfHNnnPCJWO4si3sSI6PgbEMyqVUfJjOR2uCu7OHtJLN1USaTbOPFopvjuuD9a7EAEKX-3Om7e9ZObvqXNjsw&sig=Cg0ArKJSzLW5ASQVUHXFEAE&uach_m=[UACH]&adurl=
Frame ID: C13BFC5E5DB88FAA2A329F0CB78B124D
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3SD5Oy0rzEKYv8uE2IfyLgdgekR1Bcye2RNNtDvmDAqjpNXx9EktmS8X9NJaY2Kgd9mMBZ8EEE1YUZjreL8UuKZn34SndaxUzboQUsiaZyuiaWYrUiW0cIf-Wy52hGO2Qm8eM_gX5llNoTMPhAakISRf-RgTZbVcoxTFmOxSO5ZazOri0sCja-Q39aYdkHA_u2EasfCZwaJTwOFfnDU87IvoyvzL0RTYKHjVljod9pqHc7v1uSi8qeT6YZyaYTUmmWvvrcZcJCJKyEDKWhqfxgNr9xc5wIxwEwdJKPBqn1x9c3oeeqYjBnIJWOdzPD_EX14rolgvJDryej0EmfjS9Y9IHo6Y&sai=AMfl-YS2oqsj_W_bm_sNdMbHocjpi345cloTHWUXvh7zZS8m_L4cIQGY9dmtu9MVY8HUQ7XHMiVM2y5BZtjQmlnWFw1fv3HwQDhQGNwd7GlwFXXggHlf0mw4DAXQUx2vYJcpJA&sig=Cg0ArKJSzGHMJrjZnYYvEAE&uach_m=[UACH]&adurl=
Frame ID: D536E71CD37466D40B49B3C1A3FCDD58
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq0S6EqKgt92Ro4y3p_a3drq2ctYudTTR-BnESBq_NWqcWv75m-8fT8dzwNCcv0Y34vb_CQCvIXzGILwMgEFtMa7cmYgVXNfZMzBSP5FO8z3XN3PqO8CwUKSxVE3XiDtEQv1cMS2l5B853mjXAqOvTwpzD3VpM1UIUD7i25eXOWbAwo4dZOpOTAodDS4k2DjZ6p4nPjVUjN4Fh-xRKz9b9kInEeuwu_YmGZaaTeR33UjEuTje43hyGh_MQ3ZxzJmmPAX8P3BjK9vFTsbnak9SFXtMpKWbqLMt1k0YSugxPdJe2z0FxP66pYh5OyrsRry9as6MqCOnUmrmsREn8ryy4&sai=AMfl-YRpMMNErs0ew6r1LjFLq4JmsN1rONgYRFmJSV0qarBeRI8923HrmhEovDtTT3VXX_wtCsS9qlYgOPzBPMuvZrj5aYlKDihXZ9K7FT5b_-1AHvCriV4IsBR-OS0dWeMBjQ&sig=Cg0ArKJSzB9m1tep0iCVEAE&uach_m=[UACH]&adurl=
Frame ID: 7047547C785E813D4DA11CFCEF1D4110
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4QJaCWygwqKParKGKq-jDcP5lb5QHBhnX4OO6NAkn1Yc7zAuklJCCD0Tg2LLfkDG9Mf49OWFFyrY_EeBY-GGUFxCYyw5IsJ_EdvhpiIY1GlOtdm3WjhNdzicrHCS_3WkVgf9NeK8XyXIneOSwvtXPUT8IxY91GIXU9TR5mQxk8UhKrs5BtpHn6tiNNLj5_GjJWONToBlVDtNG-7nguCwlu6Ik5T_f9wQVpCtFcy4g-AzRsTtBcbYX3bJDSTQBUc4HPpxCDi12pYgjcjU4rI_4dB-YRYH1yIfznXHLWoxVoVFXwLr4RMstDfBZ7raN_e9OtbzCtaeGJ4g_yYwnqY52&sai=AMfl-YR0n-Z5twJUUBs8Zksc2FNbjDjgbgSAfqRxlugdzQgPBRDSxVZ0FFJY5MdxYZJPR_FLnVHIPAx2hkKV8s0N6QvlrlBu_3tiqL8jPgF6xKvMXOOAWmF_OzTSLjMKMSKBMQ&sig=Cg0ArKJSzHTLKSQyg43uEAE&uach_m=[UACH]&adurl=
Frame ID: 6C3A585C049373D1B72ECF9962E5CD59
Requests: 8 HTTP requests in this frame

Frame: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=undefined&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8956d752-f7fc-4128-a21c-f6d38bbc0cd5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Frame ID: D327E3F5FDE31AAA93D0D1CB2122E02E
Requests: 4 HTTP requests in this frame

Frame: https://am-match.taboola.com/sync?dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&excid=22&docw=0&cijs=1&nlb=false
Frame ID: B8430AE500871FB555D5BD3259012F29
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcwashington.com
Frame ID: 8BFA245875DDDA213F3BF926ABB9FF8D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9369F6472C6D42973B5B1F41C3FC088C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 727B525772C711EDACFEBDDC339DDA1B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

An Inside Look At the Battle Against Ransomware Attacks – NBC4 WashingtonBack ButtonSearch IconFilter IconGroup 3Group 3Group 3Group 3

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

chartbeat\.js

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Zepto (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

zepto.*\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

312
Requests

97 %
HTTPS

40 %
IPv6

46
Domains

76
Subdomains

60
IPs

6
Countries

6416 kB
Transfer

14107 kB
Size

38
Cookies

57 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&Inside%20the%20Battle%20Against%20Ransomware%20Attacks?_osource=db_npd_nbc_wrc_fb_shr

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?text=Inside%20the%20Battle%20Against%20Ransomware%20Attacks&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F?_osource=db_npd_nbc_wrc_twt_shr

Search URL Search Domain Scan URL

URL: https://www.idtheftcenter.org/post/identity-theft-resource-center-2021-annual-data-breach-report-sets-new-record-for-number-of-compromises/
Title: a new report from the nonprofit group Identity Theft Resource Center

Search URL Search Domain Scan URL

URL: https://apps.apple.com/app/id331810768
Title: iOS

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.nbcuni.nbcots.nbcwashington.android&&
Title: Android

Search URL Search Domain Scan URL

URL: https://unit42.paloaltonetworks.com/about-unit-42/
Title: Unit 42 by Palo Alto Networks

Search URL Search Domain Scan URL

URL: https://www.paloaltonetworks.com/
Title: Palo Alto Networks

Search URL Search Domain Scan URL

URL: https://www.wegatech.de/news/energiekosten-langfristig-senken/?utm_source=taboola&utm_medium=cpc&utm_campaign=PV-d-Bayern&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUoyLaElbT1kbnxAQ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUoyLaElbT1kbnxAQ
Title: Wegatech

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=nbcots-wrc-tv&utm_medium=referral&utm_content=thumbs-feed-03-hero-01:Below%20Article%20Thumbnails%20|%20Card%201:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://ccdb65.pzzqvpjlfkbmb.com/?subid1=20714493&subid2=3560575508&subid3=1030941---delimjuwe---nbcots-wrc-tv&subid4=taboola-GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1oojej9tJ3D-9cJ&network=taboola&site=nbcots-wrc-tv&adtitle=Neue+mobile+Treppenlifte+erfordern+keine+Installation+%28hier+suchen%29&click_id=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1oojej9tJ3D-9cJ&dpco=1&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1oojej9tJ3D-9cJ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1oojej9tJ3D-9cJ
Title: Treppenlift | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://www.merkur24.com/de/lp/slotgames9gbonus-de?aid=whow-m24-tbl-de&utm_source=nbcots-wrc-tv&utm_medium=native&utm_campaign=DE_1121&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6112cd5658f16b34d7a9aa69b9fddc72.jpg&utm_term=3051123972&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC8rVIojOr3sP64g-1c#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC8rVIojOr3sP64g-1c
Title: Merkur24

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=nbcots-wrc-tv&utm_medium=referral&utm_content=thumbs-feed-03-hero-02:Below%20Article%20Thumbnails%20|%20Card%202:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://signup.taboola.com/join?utm_source=taboola&utm_medium=referral&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCE0Eko2ouL2-_T7bbKAQ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCE0Eko2ouL2-_T7bbKAQ
Title: Taboola

Search URL Search Domain Scan URL

URL: https://ad.doubleclick.net/ddm/trackclk/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;ltd=?https://www.ionos.de/smb?view=seo1&utm_source=taboola&utm_medium=native-advertising&utm_campaign=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop---&utm_term=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop-overview-seovssea-&utm_content=DIS-DE-MIX-MIXX-TAB-CON-SMB_ContentActivation_Desktop---&ac=OM.PU.PUo55K426585T7073a&itc=JGSXAO1E-5ICVBT-L122D9V#overview
Title: ionos.de

Search URL Search Domain Scan URL

URL: https://www.thefounded.com/de/de/c/frauen/sale-541955/?utm_source=taboola&utm_medium=display&utm_campaign=DE_Display_Purchases_Desktop_0822&utm_content=1030941&utm_term=3571532255&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC-pVgoqsSA1sTQnpaBAQ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC-pVgoqsSA1sTQnpaBAQ
Title: The Founded

Search URL Search Domain Scan URL

URL: https://www.wegatech.de/news/energiekosten-langfristig-senken/?utm_source=taboola&utm_medium=cpc&utm_campaign=PV-d-Bayern&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUov46Mo9qzwJK7AQ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUov46Mo9qzwJK7AQ
Title: Wegatech

Search URL Search Domain Scan URL

URL: http://www.facebook.com/nbcwashington
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/nbcwashington
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/nbcwashington
Title: Instagram

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/WRC-TV
Title: WRC Public Inspection File

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/?brandA=Owned_Stations&intake=NBC4_Washington/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://together.nbcuni.com/advertise/?utm_source=nbcwashington&utm_medium=referral&utm_campaign=property_ad_pages
Title: Advertise with us

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/california-consumer-privacy-act?intake=NBC4_Washington
Title: CA Notice

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies#accordionheader2
Title: Ad Choices

Search URL Search Domain Scan URL

URL: http://nbcwashington.com/vote
Title: Vote: Polls & Trivia

Search URL Search Domain Scan URL

URL: https://cozitv.com/
Title: Cozi TV

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy/cookies
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/brands
Title: its affiliates

Search URL Search Domain Scan URL

URL: https://www.nbcuniversal.com/privacy
Title: here

Search URL Search Domain Scan URL

URL: https://support.google.com/chrome/answer/95647?hl=en&p=cpn_cookies
Title: Google Chrome

Search URL Search Domain Scan URL

URL: https://support.apple.com/en-gb/HT201265
Title: Apple Safari

Search URL Search Domain Scan URL

URL: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences?redirectlocale=en-US&redirectslug=Enabling+and+disabling+cookies
Title: Mozila Firefox

Search URL Search Domain Scan URL

URL: https://support.microsoft.com/en-us/help/17442/windows-internet-explorer-delete-manage-cookies
Title: Microsoft Internet Explorer

Search URL Search Domain Scan URL

URL: https://policies.google.com/privacy
Title: Google’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://tools.google.com/dlpage/gaoptout
Title: Google Analytics Opt-Out

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/analytics.html
Title: Omniture’s Privacy Policy

Search URL Search Domain Scan URL

URL: http://www.adobe.com/privacy/opt-out.html
Title: Omniture’s Opt-Out

Search URL Search Domain Scan URL

URL: https://mixpanel.com/privacy/
Title: Mixpanel’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://mixpanel.com/optout/
Title: Mixpanel’s Opt-Out

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: Digital Advertising Alliance in the US

Search URL Search Domain Scan URL

URL: https://youradchoices.ca/choices/
Title: Digital Advertising Alliance of Canada

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com/
Title: European Interactive Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: http://www.youronlinechoices.com.au/your-ad-choices/
Title: Australian Digital Advertising Alliance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/privacy/explanation
Title: Facebook Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ads/preferences/?entry_product=ad_settings_screen
Title: Facebook’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://twitter.com/en/privacy
Title: Twitter Privacy Policy

Search URL Search Domain Scan URL

URL: https://twitter.com/personalization
Title: Twitter’s Opt-Out Page

Search URL Search Domain Scan URL

URL: https://liveramp.com/privacy/
Title: Liveramp’s Privacy Policy

Search URL Search Domain Scan URL

URL: https://liveramp.com/opt_out/
Title: Liveramp Opt-Out Page

Search URL Search Domain Scan URL

URL: https://www.onetrust.com/products/cookie-consent/

Search URL Search Domain Scan URL

URL: https://www.wegatech.de/news/energiekosten-langfristig-senken/?utm_source=taboola&utm_medium=cpc&utm_campaign=PV-d-Bayern&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUoy7rHh8PBt4BX#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCp8lUoy7rHh8PBt4BX
Title: Wegatech

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=nbcots-wrc-tv&utm_medium=referral&utm_content=thumbs-feed-01-y-delta:Explore%20More%20|%20Card%203:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://ccdb65.pzzqvpjlfkbmb.com/?subid1=20714493&subid2=3560575508&subid3=1030941---delimjuwe---nbcots-wrc-tv&subid4=taboola-GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1ookO_2w_a0xKgr&network=taboola&site=nbcots-wrc-tv&adtitle=Neue+mobile+Treppenlifte+erfordern+keine+Installation+%28hier+suchen%29&click_id=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1ookO_2w_a0xKgr&dpco=1&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1ookO_2w_a0xKgr#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCHy1ookO_2w_a0xKgr
Title: Treppenlift | Suchanzeigen

Search URL Search Domain Scan URL

URL: https://www.merkur24.com/de/lp/slotgames9gbonus-de?aid=whow-m24-tbl-de&utm_source=nbcots-wrc-tv&utm_medium=native&utm_campaign=DE_1121&utm_content=http%3A%2F%2Fcdn.taboola.com%2Flibtrc%2Fstatic%2Fthumbnails%2F6112cd5658f16b34d7a9aa69b9fddc72.jpg&utm_term=3051123972&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC8rVIo-_i21--7-N54#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biC8rVIo-_i21--7-N54
Title: Merkur24

Search URL Search Domain Scan URL

URL: https://popup.taboola.com/en/?template=colorbox&utm_source=nbcots-wrc-tv&utm_medium=referral&utm_content=thumbs-feed-01-y-em-delta:Explore%20More%20|%20Card%205:
Title: Sponsored

Search URL Search Domain Scan URL

URL: https://signup.taboola.com/join?utm_source=taboola&utm_medium=referral&tblci=GiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCE0Eko5PysjLTMnceXAQ#tblciGiBAaMSa3GU5ZbGwTnmAH7o5xcGk75GKS9EjNSueXZW_biCE0Eko5PysjLTMnceXAQ
Title: Taboola

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODIxNzA5NTM0OTY5NjY3ODIxNDE3NDE0MDgxMjU3NTc0NTgwNDk= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELOMPyn2tldp98LJiDz56xY&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 177

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=82170953496966782141741408125757458049&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-rrVbwjRE2pFYxzRiRzYyonr.fWotJTUSgio-~A

Request Chain 188

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=82170953496966782141741408125757458049&_ct=img HTTP 302
https://mid.rkdms.com/restricted

Request Chain 213

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=nbcwashington.com HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CP2x-Y-ZlfsCFUYm4Aod9w0MsA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=nbcwashington.com

Request Chain 304

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c7cd7b9e-5c71-11ed-bffe-1a7ccaea0506 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cd7b62-5c71-11ed-bffe-1a7ccaea0506&orig=video&us_privacy=1---gdpr=1&

Request Chain 307

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26 HTTP 302
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3Dvideo%26us_privacy%3D1---gdpr%3D1%26&__user_check__=1&sync_id=c7cf7dc4-5c71-11ed-a0d3-16877d160106 HTTP 302
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cf7d80-5c71-11ed-a0d3-16877d160106&orig=video&us_privacy=1---gdpr=1&

Request Chain 316

https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcwashington.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcwashington.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=XnQ0-XxFTnhnV3FoUWhqVjNwSjhHSmlQZmNWVndzZ0U3dHNoMTBNZzFEYW00ZUs3OGR5K1UvSjJvSUxBMXhiT0tCVm1nREdlMXcrMDArK3hib1ZGbkpVYlJPV2F3M3pXZWdxdnlPTE5HUm9GNnlkL0tINUIxeGMxZEN3VHlEWk9rTktKL0xpSi9PeTFadFBHL28wdzJIVVNibkxQMGpjbDZ1VTVTUEtRaWpRNGwrOUg4emYvM2xzNXpDZlRMUWRjVHAxMTN4SFExRVdJa0lWRlFOZDJRc05RVHVyRzBXVjY4L21ZeCs4eEw1M2F0U2JiWjFNSk9XTjNNRDhWWXJVaVd3eGlrVFNoMk5Bd2hmU09IRUR4OTB3eWNGeWZSaGZJTkM0R015NWN4aGpGRFlGST18&cppv=2

312 HTTP transactions
26 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/ 417 KB
84 KB 1709ms
1639ms Document
text/html 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

30bcd8fa5d73028dab381818a8311cfcb32431c2e2294ee4eecedec69e017fcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 04 Nov 2022 18:52:04 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://www.nbcwashington.com/wp-json/>; rel="https://api.w.org/" <https://www.nbcwashington.com/?p=2961727>; rel=shortlink
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn2 0 2 9980

GET
H2 200 ad-layers-dfp.js Show response
www.nbcwashington.com/wp-content/plugins/ad-layers-nbc/js/ 3 KB
1 KB 49ms
49ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/plugins/ad-layers-nbc/js/ad-layers-dfp.js?ver=0.0.9

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

35e18a403ab9bdda0eaed7c63ca5643a247d385bf255ca02ae699290e1b01080

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 07:03:47 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634cfe53-d3b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1237
expires: Sat, 04 Nov 2023 18:24:33 GMT

GET
H2 200 ad-layers.js Show response
www.nbcwashington.com/wp-content/plugins/ad-layers-nbc/js/ 1 KB
808 B 46ms
46ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/plugins/ad-layers-nbc/js/ad-layers.js?ver=0.0.9

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5e47b7e4a55a0823c4933823fe45f77486f509c194d670d37432b670546d52ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 16:06:58 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634d7da2-5a0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 566
expires: Sat, 04 Nov 2023 17:52:56 GMT

GET
H2 200 DC_On_Dark@3x-1.png
media.nbcwashington.com/2019/09/ 2 KB
2 KB 271ms
239ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2019/09/DC_On_Dark@3x-1.png?fit=558%2C120&quality=85&strip=all&w=186&h=40

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d9d73dee2b493bdc2014177826ffc9c43e0e4d099473a051780ca5833b96f8a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:05 GMT
content-length: 2070
x-rq: hhn1 109 144 443
last-modified: Tue, 22 Feb 2022 15:28:16 GMT
server: nginx
etag: "8603ffea22850346"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 22 Feb 2023 15:28:16 GMT

GET
H2 200 OTT-Washington-DC.png
media.nbcwashington.com/2019/09/ 104 KB
104 KB 313ms
226ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2019/09/OTT-Washington-DC.png?fit=1920%2C1080&quality=85&strip=all&w=1300&h=144&crop=1

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

8b226c4bac8d2758f178084578562a01a0a47ae51d8d0f0e82e020df96adf31e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:05 GMT
content-length: 106182
x-rq: hhn1 109 139 443
last-modified: Thu, 29 Sep 2022 19:02:23 GMT
server: nginx
etag: "0eccf4bf8d999e47"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 29 Sep 2023 19:02:23 GMT

GET
H2 200 mm-embeds-head-foot.css
media.nbcnewyork.com/assets/editorial/national/common/css/ 719 B
1021 B 144ms
28ms Stylesheet
text/css 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcnewyork.com/assets/editorial/national/common/css/mm-embeds-head-foot.css
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: d224b56d2a4dca561789cbebfef8fc511047304e1f849a71cb86a343c97fad1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 02 Jun 2022 23:03:49 GMT
server: AkamaiNetStorage
content-md5: yXjn+9m+zYqYfVnJnQb7IQ==
etag: "c978e7fbd9becd8a987d59c99d06fb21:1654211029.664745"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 719

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 61ms
31ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:04 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 12604
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: efc86d65-c01e-0100-49a9-2c9eb3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 764f8b71ec479118-FRA

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/ 19 KB
7 KB 66ms
36ms Script
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/otSDKStub.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a33482fe3d5b22877feb14ddd6ceb1a1e9d9e09ff21e85aa319f9b7ece3421d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nbcwashington.com/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: Oc3BjYKzsi6QaKn2AeHoiw==
age: 2361
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 6525
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jul 2022 18:25:17 GMT
server: cloudflare
etag: 0x8DA60460B2887C3
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 4c4c1481-f01e-006a-197e-9d844d000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b71ee5468ec-FRA
expires: Fri, 04 Nov 2022 22:52:04 GMT

GET
H2 200 DC_On_Light@3x.png
media.nbcwashington.com/2019/09/ 6 KB
7 KB 64ms
32ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2019/09/DC_On_Light@3x.png?fit=558%2C120&quality=85&strip=all

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

48c09e6be0a5640a1c6fed123ab9ae219780afd6f2dc72834e1321e09143812e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 6560
x-rq: hhn1 109 84 443
last-modified: Tue, 22 Feb 2022 15:28:16 GMT
server: nginx
etag: "4de9e1990ebdd936"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Wed, 22 Feb 2023 15:28:16 GMT

GET
H2 200 mostPopular.f58524ab569a30c1fff2.min.css
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/ 2 KB
1019 B 119ms
109ms Stylesheet
text/css 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/mostPopular.f58524ab569a30c1fff2.min.css?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

b12316c521b84fe9a4d2792fb0a2c1824d0a53ad4ef4bc8969715f90033a890b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-9ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 787
expires: Sat, 04 Nov 2023 18:42:59 GMT

GET
H2 200 footer.20b28205d164f6506379.min.css
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/ 8 KB
2 KB 124ms
115ms Stylesheet
text/css 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/footer.20b28205d164f6506379.min.css?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

cbc67007d847bf746349ff3584a31f9aea791c80d92b746ac53f01e848edf012

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 20 Oct 2022 18:31:00 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"635193e4-21b7"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1426
expires: Sat, 04 Nov 2023 18:02:13 GMT

GET
H2 200 flyoutNav.79cc3b49e53bd7cab3d1.min.css
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/ 6 KB
2 KB 127ms
118ms Stylesheet
text/css 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/flyoutNav.79cc3b49e53bd7cab3d1.min.css?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

6da2aa058bdcf08ce40a70190acccb9fa77aa7509153f0f4ac6b30273ca87de9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Wed, 19 Oct 2022 02:59:09 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634f67fd-172e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1776
expires: Sat, 04 Nov 2023 18:34:24 GMT

GET
H2 200 weatherIcons.04ad80f6dd854170fd37.min.css
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/ 3 KB
762 B 163ms
154ms Stylesheet
text/css 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/weatherIcons.04ad80f6dd854170fd37.min.css?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

da8b96246cd43f76f8ac5d77f7fee9b278b454cc32f060f5720e5993afe1a812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-c93"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 530
expires: Sat, 04 Nov 2023 18:00:33 GMT

GET
H2 200 player_smooth.css
www.nbcwashington.com/wp-content/themes/nbc-station/static/css/ 112 KB
29 KB 135ms
126ms Stylesheet
text/css 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/static/css/player_smooth.css?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ffe8ff80eb054f37fdc4c961a4fbf814ce86c50028f10c66679178b01fb8cfe9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 16:06:59 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634d7da3-1c051"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 29523
expires: Sat, 04 Nov 2023 18:25:57 GMT

GET
H2 200 moatheader.js Show response
z.moatads.com/nbcuyieldheader7581548001/ 220 KB
78 KB 84ms
10ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js?ver=1.0.0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 78fb6a6ce8170b6f508e7c8e4821323e73a5cd84a0f69da6de0d4164aa04440b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:29:10 GMT
server: AmazonS3
x-amz-request-id: KJSNY7H74D17EE3J
etag: "f74dd2d6b32810736b9203d684ca5711"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=15569
accept-ranges: bytes
content-length: 79359
x-amz-id-2: kttfWIW2cBRKPctN5m/aLpBwK4LcMtHzjlQuPUQO0XAolrRYeYO6Sq2x00AP18zm8ZQfrG/eXa4=

GET
H2 200 regenerator-runtime.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/vendor/ 6 KB
3 KB 136ms
128ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.7

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:15 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfb-1906"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2398
expires: Sat, 04 Nov 2023 18:23:13 GMT

GET
H2 200 wp-polyfill.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/vendor/ 16 KB
6 KB 137ms
129ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:15 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfb-4056"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 6031
expires: Sat, 04 Nov 2023 18:20:40 GMT

GET
H2 200 hooks.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/ 5 KB
2 KB 145ms
137ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/hooks.min.js?ver=a7edae857aab69d69fa10d5aef23a5de

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:16 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfc-1540"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1790
expires: Sat, 04 Nov 2023 18:28:37 GMT

GET
H2 200 i18n.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/ 10 KB
4 KB 147ms
139ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/i18n.min.js?ver=5f1269854226b4dd90450db411a12b79

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:16 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfc-268a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3858
expires: Sat, 04 Nov 2023 18:28:37 GMT

GET
H2 200 lodash.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/vendor/ 71 KB
26 KB 148ms
141ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:15 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfb-11d37"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 25927
expires: Sat, 04 Nov 2023 18:17:14 GMT

GET
H2 200 url.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/ 5 KB
2 KB 161ms
154ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/url.min.js?ver=9e623834b7667b522230408f099fc05f

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7710e756fcf5f568d87fa8c2ee6f4e52f1d2f264554a7218946d867f3cc772e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 23:26:40 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634de4b0-13e3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2032
expires: Sat, 04 Nov 2023 18:34:23 GMT

GET
H2 200 api-fetch.min.js Show response
www.nbcwashington.com/wp-includes/js/dist/ 6 KB
3 KB 161ms
154ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/dist/api-fetch.min.js?ver=134e23b5f88ba06a093f9f92520a98df

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 21:41:15 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634dcbfb-167c"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2483
expires: Sat, 04 Nov 2023 18:34:24 GMT

GET
H2 200 common.0d2c16bf3bc07e9e65f3.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 816 KB
207 KB 62ms
56ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

9602d7d5d50bad3592475ef669f734a9cab3a11cfa9e51ad67e48f69134af727

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-cbebc"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 211134
expires: Sat, 04 Nov 2023 16:32:28 GMT

GET
H2 200 global.5619476906892270277d.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 18 KB
5 KB 175ms
170ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/global.5619476906892270277d.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ec67b0d6d3e138800d3b15568885ea4255e7cebaa480422594372f73123e0242

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-4680"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 4397
expires: Sat, 04 Nov 2023 18:38:58 GMT

GET
H2 200 article.6e848bb44e24c9693bdf.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 35 KB
11 KB 81ms
76ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/article.6e848bb44e24c9693bdf.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

a551816438cad97982fe6ecb1d9335e3910908328bf14ab95d0584aded57fdda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-8db6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 10692
expires: Sat, 04 Nov 2023 16:35:02 GMT

GET
H2 200 zepto.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/static/js/ 26 KB
10 KB 161ms
155ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/zepto.min.js?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 18:29:36 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634d9f10-6712"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 9784
expires: Sat, 04 Nov 2023 18:12:43 GMT

GET
H2 200 player.6.1.3.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/static/js/ 880 KB
240 KB 159ms
153ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

285cea5b8e3e40a96191cbb561cd074d277805bb314110dd4480d8042632f7e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Mon, 17 Oct 2022 16:06:59 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634d7da3-dc137"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 245428
expires: Sat, 04 Nov 2023 18:22:27 GMT

GET
H2 200 videoPlayer.7467d724b220d207aaa8.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 2 KB
1 KB 160ms
155ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/videoPlayer.7467d724b220d207aaa8.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

08cf5f0f53253de103d4ecdc15d8f1caef5316313de073461733bd2e31bbb939

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-96b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1170
expires: Sat, 04 Nov 2023 17:59:01 GMT

GET
H2 200 electionsBlock.b706fc186140ad5b70a7.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 6 KB
3 KB 82ms
77ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/electionsBlock.b706fc186140ad5b70a7.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

ba014750573ae4b66c0c476eb1da0aa977ecb2cef297077c4ee71474c31e48eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-1846"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2592
expires: Sat, 04 Nov 2023 16:34:19 GMT

GET
H2 200 responsiveIframe.da4fed1eac56dd020c95.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 977 B
823 B 82ms
77ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/responsiveIframe.da4fed1eac56dd020c95.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

24d95cd21a79bf7fc2804c21ab4c78799d4e01701024bd27ba12b09250212fff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-3d1"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 581
expires: Sat, 04 Nov 2023 14:28:43 GMT

GET
H2 200 flyoutNav.f7b6eab132d19d0ea6aa.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 5 KB
2 KB 160ms
155ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/flyoutNav.f7b6eab132d19d0ea6aa.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

87f9ab9b18b15d6eef1720f92841057c001a336ad922f4c037225573f967b0ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-154e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2161
expires: Sat, 04 Nov 2023 18:12:51 GMT

GET
H2 200 articleContent.f77e906ed74b9bbb768b.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 0
208 B 160ms
156ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/articleContent.f77e906ed74b9bbb768b.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
date: Fri, 04 Nov 2022 18:52:04 GMT
strict-transport-security: max-age=31536000 ; includeSubDomains
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
etag: "6352e08b-0"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 0
expires: Sat, 04 Nov 2023 17:40:18 GMT

GET
H2 200 weatherConditions.a03d9a5aa4bb98e8cbd8.bundle.min.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/ 8 KB
3 KB 160ms
156ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/weatherConditions.a03d9a5aa4bb98e8cbd8.bundle.min.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

03672d47613f5c19502577d4c8668ea0d854cee559be85dcd14207a97d806db6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Fri, 21 Oct 2022 18:10:19 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"6352e08b-1e41"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 3232
expires: Sat, 04 Nov 2023 18:52:04 GMT

GET
H2 200 launch-6a742ce4ddf5.min.js Show response
assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/ 241 KB
68 KB 92ms
6ms Script
application/x-javascript 2a02:26f0:1700:494::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:494::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4150d571d0ad505dd6c1987a542a04e5f9676f30549aaab58be044007df0dca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 14:06:19 GMT
server: AkamaiNetStorage
etag: "588e3d4410f9a7282eb1b5aa7643e243:1654610779.532617"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nbcwashington.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 69631
expires: Fri, 04 Nov 2022 19:52:04 GMT

GET
H2 200 sfp.js Show response
native.sharethrough.com/assets/ 299 KB
77 KB 76ms
8ms Script
application/javascript 108.138.7.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://native.sharethrough.com/assets/sfp.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.138.7.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-138-7-41.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3c917803eec203f6b2d0069cb4f89f40abc555e04d4caca4fb793e40a294c5e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:15:03 GMT
content-encoding: gzip
via: 1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
last-modified: Thu, 03 Nov 2022 15:14:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 2222
etag: W/"32fb61c22ae1c29dba6fb7a4a4295523"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: jnmByIzJwJfOoH5zP8NPktZ-BDVcgaO0DXSSq1RUl6-OW7vJgfIrng==
expires: Thu, 03 Nov 2022 16:14:56 GMT

GET
H2 200 spm.v1.min.js Show response
ak.sail-horizon.com/spm/ 124 KB
44 KB 82ms
9ms Script
application/javascript 18.66.147.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-70.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:42:31 GMT
content-encoding: gzip
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 23:20:31 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 574
etag: W/"97dd801dd26ae0172c7875245d92f506"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=600; must-revalidate
x-amz-cf-id: a51VE7rgStyK181kPXdT3wOYg1jquYpNOZBKumSthpvR8H-XcC3kJQ==

GET
H2 200 185796-256714881512110.js Show response
js-sec.indexww.com/ht/p/ 108 KB
33 KB 137ms
66ms Script
text/javascript 104.18.12.76
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.12.76 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cc5a824b335fb27ef0c20eb4361fdd3e6bf05d432805939e78c920a6322a1aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 04 Nov 2022 18:36:48 GMT
server: cloudflare
age: 810
etag: W/"da4cbc-1b02f-5eca95b43d5c6"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 764f8b723ed1698b-FRA
expires: Fri, 04 Nov 2022 22:52:04 GMT

GET
H2 200 wp-embed.min.js Show response
www.nbcwashington.com/wp-includes/js/ 1 KB
1007 B 161ms
155ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-includes/js/wp-embed.min.js?ver=5.8.6

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Tue, 01 Nov 2022 19:35:04 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"636174e8-592"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 765
expires: Fri, 03 Nov 2023 02:52:23 GMT

GET
H2 200 e-202244.js Show response
stats.wp.com/ 9 KB
3 KB 47ms
6ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202244.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-nc: HIT hhn
date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: br
server: nginx
etag: W/"6197c5cf-3508"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sat, 21 Oct 2023 06:38:30 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 115ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

358b3eb517aa9a092a9e99bdbdd77aed0d06488781101c6b7acaf40e8de4973e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27413
x-xss-protection: 0
server: sffe
etag: "1384 / 508 of 1000 / last-modified: 1667560199"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 04 Nov 2022 18:52:04 GMT

GET
DATA 200
OK truncated
/ 178 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 001ddcc6f10fe9de9074dcd3f09ca6a8a62201b8eadf585ea618c532405ad565

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 488 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 658c7c6c6ca3966abb8e05d4b3d6acdb4f75d31903e90d58c1bff31d581e676c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ArthouseOwned-Medium.woff2
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 51 KB
52 KB 87ms
86ms Font
font/woff2 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ArthouseOwned-Medium.woff2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

e970076927edd20deaa79b96fbfa750a66592690e2fcdebfd62ac0a12b92a664

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-cc80"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 52364
expires: Fri, 03 Nov 2023 20:59:40 GMT

GET
H2 200 ArthouseOwned-Bold.woff2
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 52 KB
52 KB 90ms
90ms Font
font/woff2 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ArthouseOwned-Bold.woff2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

51fccaf84a833109409acfec09e7c66755a3ba6fbc5f098a17ecba48b8ddfb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-cee4"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 53002
expires: Fri, 03 Nov 2023 21:01:45 GMT

GET
DATA 200
OK truncated
/ 298 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 74bc3815b4077f743c8c0e49b55a16f2e7ce15bcdaf8262f42cc325f34bd1be3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 252 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d907cc0c4954f89fcdaf9ae17505474d44d1ba3f279fb04c09e7a76d49b78ddf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 871 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 082f579d2670dd6302b31a7be61ece128710bf84b8f46b6b7208967ed883a390

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 544 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7b5e7285786c817aa1bb66afb1d3d9b28fe82cf82f346270d2f5694f5940a3e6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 312 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9f41f12b99ca3b53367cbb974af11d5aa9eaa6a5133bfc8816d9f885aa5d6d27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 Roboto-Regular.woff2
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 11 KB
11 KB 132ms
131ms Font
font/woff2 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/Roboto-Regular.woff2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-2b08"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 11039
expires: Fri, 03 Nov 2023 21:09:07 GMT

GET
H2 200 ArthouseOwned-Black.woff2
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 47 KB
48 KB 132ms
132ms Font
font/woff2 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ArthouseOwned-Black.woff2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

7085f3cd641ed3383b2aefc1fca82a30ccf27818fbce4e7db66dda88e55ae25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-bcb8"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 48345
expires: Fri, 03 Nov 2023 21:11:43 GMT

GET
H2 200 NBC4-1200x675-SharetheWarmth.png
media.nbcwashington.com/2022/11/ 4 KB
4 KB 80ms
67ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/11/NBC4-1200x675-SharetheWarmth.png?fit=1200%2C675&quality=85&strip=all&w=170&h=96&crop=1

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

ee977fc9637c2b47a1564834a56b4638cedbef87df4d454db64889b54a2a3b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 3628
x-rq: hhn1 109 88 443
last-modified: Fri, 04 Nov 2022 18:52:04 GMT
server: nginx
etag: "fb35caedbe971b15"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 04 Nov 2023 18:52:04 GMT

GET
H2 200 nov-4-grocery-store-shooting.jpg
media.nbcwashington.com/2022/11/ 3 KB
4 KB 34ms
21ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/11/nov-4-grocery-store-shooting.jpg?quality=85&strip=all&fit=4032%2C3024&w=170&h=96&crop=1

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

abb1564b7faef7ce9cc7e96e9b88d4d932d998eb6f3dfdec4048b5f60ed8e4c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 3326
x-rq: hhn1 109 83 443
last-modified: Fri, 04 Nov 2022 16:29:45 GMT
server: nginx
etag: "0b379dd0b00e0ea0"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 04 Nov 2023 16:29:45 GMT

GET
H/1.1 200
OK / Show response
data.nbcstations.com/national/2022/DC/ransomware/ Frame 67A2 8 KB
2 KB 1405ms
1246ms Document
text/html 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 43923a9741e5894f4547101700f7303f91a609aa76f64f63d6da0d6b1ce06702

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1766
Content-Type: text/html
Date: Fri, 04 Nov 2022 18:52:06 GMT
ETag: "2172-5d734d0bcf3ce-gzip"
Last-Modified: Fri, 04 Feb 2022 17:45:23 GMT
Server: nginx
Vary: Accept-Encoding,User-Agent

GET
DATA 200
OK truncated
/ 222 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f5be9193f5443e364cc12cc4bcac4bd329730f890288921b41d16b0ce1b142a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1002 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e58b529d0358a268a829d1a81346ddd9b081d0936fe8ad776a9196389491e7b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ArthouseOwned-BlackItalic.woff2
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 52 KB
52 KB 19ms
18ms Font
font/woff2 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ArthouseOwned-BlackItalic.woff2

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4332c884ec3750287d10ad254e9f86df95698154b80ca213d665e19ef970ecb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:04 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-cf80"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 53158
expires: Fri, 03 Nov 2023 21:03:12 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 81 B
250 B 68ms
38ms Script
text/javascript 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8518882d24d5c83caa6bb6ae8f88b2f89524037f9bebc83d2f0741c5d6d1c7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 764f8b733c20bb9b-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9.json Show response
cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/ 4 KB
2 KB 30ms
30ms XHR
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

943e812c6b9018cfca4cbac405a38934fadbd9a7b5b4c314b509de89ee5f3cf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: G4IFLQC6pHTTtkyNYvt+gQ==
age: 14262
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 1604
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jul 2022 18:25:18 GMT
server: cloudflare
etag: 0x8DA60460B61DF75
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 90e05371-301e-0092-717e-9d4f50000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b7308a068ec-FRA
expires: Fri, 04 Nov 2022 22:52:04 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 37 KB
15 KB 62ms
8ms Script
application/x-javascript 2600:9000:2057:1000:18:1fcd:351:7bc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:1000:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:49:19 GMT
content-encoding: gzip
via: 1.1 62dc260e32d7b9197a4511447f6a264a.cloudfront.net (CloudFront)
last-modified: Wed, 20 Jul 2022 00:50:34 GMT
server: nginx
x-amz-cf-pop: FRA6-C1
age: 166
etag: W/"62d7515a-933f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-id: 4mHYpaZpBrGoO9N8gTfG8gJVGlfWGIK_c-CoVrU7RrE_sld97wpUFw==
expires: Fri, 04 Nov 2022 20:49:19 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 40ms
10ms Script
application/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-86.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 11:46:35 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 49326
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: HBp_MJ1ooTt8KF8ZRSA-HABjuoL56UQR0uBTe7uDM3zfDgASKT-5oA==

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/nbcots-network/ 628 KB
45 KB 44ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41cc6337900eece09cac31f2b023c363cd2a723245b008788a943ff03d875f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: qH3S0Obk.8DgUKJR4TLuZrbNdu0yIZNq
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:05 GMT
x-amz-request-id: 9AS9KNH07ME81MY3
age: 106
x-cache: HIT
content-length: 45229
x-amz-id-2: nbdEE8tSRkprFGATLSCN3zyUwdoRx5iRc83rcUwyKh8+pmPe54Ru2QiqREEeh+21+KNJUF+Wot4=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:24:55 GMT
server: AmazonS3
x-timer: S1667587925.011758,VS0,VE1
etag: "f68a7ab4a140c0cb4d8cb08a086481b6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 43
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 newsroom.js Show response
c2.taboola.com/nr/nbcots-wrc/ 0
272 B 239ms
208ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://c2.taboola.com/nr/nbcots-wrc/newsroom.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230031-FRA
date: Fri, 04 Nov 2022 18:52:05 GMT
via: 1.1 varnish
server: AmazonS3
x-amz-request-id: 3J15AGAW6SR86W3B
x-timer: S1667587925.007908,VS0,VE202
x-cache: MISS
content-type: application/javascript
accept-ranges: bytes
x-amz-id-2: p0VboQjCWoCXDROTj1l06BIMeK5Dg+XfyHzySBJjdOvpn+9txBJpwCpTBQ3ysKLEUYJzDXTs784=
x-cache-hits: 0

GET
DATA 200
OK truncated
/ 318 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6a343d1f22a917f6cd12624a677162451fa8c0f9059b5b8abbf06eab46b793a

Request headers

Referer
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 495 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 19adad8c96fb9028c466ecab6e6ed081c2bd70cd8655a78c03e3bee6c7d9ac2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 nov-4-grocery-store-shooting.jpg
media.nbcwashington.com/2022/11/ 1 KB
2 KB 15ms
15ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/11/nov-4-grocery-store-shooting.jpg?quality=85&strip=all&resize=100%2C56

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

2e9f88df02cc6433b5e0b4ff85534f5a011d3b55a85bbb1e2835b0a396af53fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 1432
x-rq: hhn1 109 83 443
last-modified: Fri, 04 Nov 2022 16:40:36 GMT
server: nginx
etag: "8a8ac6c5cb9df625"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 04 Nov 2023 16:40:36 GMT

GET
H2 200 GettyImages-1244399239.jpg
media.nbcwashington.com/2022/11/ 2 KB
2 KB 33ms
33ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/11/GettyImages-1244399239.jpg?quality=85&strip=all&resize=100%2C56

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

40547a1b3593bd9873e0bdb7e4840f6eb4c56b33a27f57653a55b3f708b93009

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:05 GMT
content-length: 1984
x-rq: hhn1 109 83 443
last-modified: Wed, 02 Nov 2022 10:08:41 GMT
server: nginx
etag: "7b05ecd25bb2d33c"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 02 Nov 2023 10:08:41 GMT

GET
H2 200 POWERBALL-1B.jpg
media.nbcwashington.com/2022/10/ 3 KB
3 KB 24ms
24ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/10/POWERBALL-1B.jpg?quality=85&strip=all&resize=100%2C56

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

1a4c8b6d2ae9966e21cf323b1ec200267c57a31d938ebfdc482f6d8d251c3599

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 2774
x-rq: hhn1 109 32 443
last-modified: Wed, 02 Nov 2022 16:53:10 GMT
server: nginx
etag: "d78902527353f85b"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Thu, 02 Nov 2023 16:53:10 GMT

GET
H2 200 tlmd-ganadores-powerball.jpg
media.nbcwashington.com/2022/10/ 2 KB
2 KB 24ms
24ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/10/tlmd-ganadores-powerball.jpg?quality=85&strip=all&resize=100%2C56

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

7c3b97969857993e9fce96afdc4f34f6b63ff110e681be5acf6b55f8afb11f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:04 GMT
content-length: 2050
x-rq: hhn1 109 28 443
last-modified: Thu, 03 Nov 2022 16:55:24 GMT
server: nginx
etag: "6cdeacdb7515ea6d"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Fri, 03 Nov 2023 16:55:24 GMT

GET
H2 200 Maryland-Teacher-Leaves-School-With-27-Kids.jpg
media.nbcwashington.com/2022/11/ 2 KB
2 KB 1027ms
1027ms Image
image/webp 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://media.nbcwashington.com/2022/11/Maryland-Teacher-Leaves-School-With-27-Kids.jpg?quality=85&strip=all&resize=100%2C56

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

058531a130cd22a620b2348073c12e21691b59840f51d60f478082473b809452

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:06 GMT
content-length: 1742
x-rq: hhn1 109 195 443
last-modified: Fri, 04 Nov 2022 00:44:45 GMT
server: nginx
etag: "8dbda9162b66bb20"
vary: Accept
access-control-max-age: 86400
content-type: image/webp
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
expires: Sat, 04 Nov 2023 00:44:45 GMT

GET
DATA 200
OK truncated
/ 495 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e8b4b0aa6c6f247658c8821e74e67ed1681b80eb6417952b431b594c78ff32f5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 54ms
14ms Script
text/javascript 18.65.39.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.27 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-27.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a2b8e33b3bd7963b17d4e00a1762ecdf16a098ac11003187de037f5bde432470

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: 7LwDFOrChE_IOhoTmyDJFpE5s1gY2Pad
content-encoding: gzip
via: 1.1 a4583a5b47f0a64ec35be32f95ac1b46.cloudfront.net (CloudFront)
date: Fri, 04 Nov 2022 18:49:51 GMT
last-modified: Wed, 19 Oct 2022 18:08:15 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 135
etag: "55e1fd55faa41d65d95b6c225c07a55f"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22021
x-amz-cf-id: JcFIXN-kveZYfU-ddgJ28abvnOgqeChelVPs__Np3tm9RJh6E5dEDw==

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 988 B
1 KB 298ms
37ms XHR
application/json 99.81.236.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&ts=1667587925148

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.236.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-236-184.eu-west-1.compute.amazonaws.com

Software

Resource Hash

cebf3e8225847788fe4831794866864d3dfa406b1e302a1caae64cabf840c5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: yzb63OBrRjM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcwashington.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 551
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 AppMeasurement.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 33 KB
12 KB 7ms
7ms Script
application/x-javascript 2a02:26f0:1700:494::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:494::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "820eb42f3120ddf65e303b24a8285815:1634593036.305122"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 12200
expires: Fri, 04 Nov 2022 19:52:05 GMT

GET
H2 200 AppMeasurement_Module_ActivityMap.min.js Show response
assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/ 3 KB
2 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:1700:494::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPb56e12d7054b4acea984e91c910051cc/AppMeasurement_Module_ActivityMap.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:494::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Mon, 18 Oct 2021 21:37:16 GMT
server: AkamaiNetStorage
etag: "abbe69e5c8f385f00652c3d0c2bba347:1634593036.557115"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 1594
expires: Fri, 04 Nov 2022 19:52:05 GMT

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 121 KB
40 KB 65ms
30ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 24 Oct 2022 11:21:19 GMT
server: nginx
etag: W/"6356752f-1e444"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 05 Nov 2022 18:52:05 GMT

GET
H2 200 / Show response
id.sv.rkdms.com/identity/ 2 B
171 B 341ms
123ms XHR
application/json 34.202.126.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=NBCLOCAL&sv_domain=www.nbcwashington.com
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.202.126.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-202-126-101.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://www.nbcwashington.com
date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx/1.22.0
content-length: 2
vary: Origin
content-type: application/json

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
394 B 229ms
31ms XHR
application/json 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185796
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 222117d34dd32a4b971bc241cb2639dd304de7134d5c09642626b623e649af46

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 04 Dec 2022 18:52:05 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
364 B 220ms
23ms XHR
text/plain 34.120.133.55

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.nbcwashington.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 12ms
6ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.9&blog=165596213&post=2961727&tz=-4&srv=www.nbcwashington.com&hp=vip&host=www.nbcwashington.com&ref=&fcp=2422&rand=0.9648428278005075
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 18:52:05 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 pubads_impl_2022110201.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 169ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Thu, 03 Nov 2022 10:46:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 115512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131066
x-xss-protection: 0
last-modified: Wed, 02 Nov 2022 08:35:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 03 Nov 2023 10:46:53 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 142 B
725 B 179ms
24ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.nbcwashington.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d245890f21fc25bc4cbea250cba106e6bfe4efb98328476036597926a19f26f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:05 GMT

GET
H2 200 location Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/ 72 B
310 B 56ms
35ms XHR
application/json 2606:4700:4400::ac40:929e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:929e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept: application/json
Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/json
access-control-allow-origin: *
cf-ray: 764f8b74cbf390fb-FRA
access-control-allow-headers: Content-Type

GET
DATA 200
OK truncated
/ 602 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7268811aec102a2a5629fe970de1104d0fe3c26fbd3f6aaee0a86afeb83463eb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 836 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fdca3b256a891e7750a3ef41a8cdedb3f8b1ea71c62d9aa43e68400ea95b9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 68307e0844d10272b324f7128e0fdaa14e6ed997127c84aef763450493cd96e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 748baf8cf04ae0964028f44b61896a87f1192a505281d66c4cb9f6ad5bd36ac1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b91c05036678091c0030fbe505d5fd21c57fd0594ec9dee55170d01dcdd5977

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 61a24d2b5c4eaadc8bee81696a4534fee8a6c43bd2b291ce52df6821ef2c7db2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 current.js Show response
sb.scorecardresearch.com/plugins/streaming-theplatform/v2/ 211 KB
54 KB 14ms
13ms Script
application/javascript 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/plugins/streaming-theplatform/v2/current.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-86.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:45:38 GMT
content-encoding: gzip
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
last-modified: Fri, 26 Feb 2021 14:39:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 393
x-amz-server-side-encryption: AES256
etag: W/"d66a3a4675b852d43a4b63cac8eff1aa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: UR2zf-pJIdQrMBtNdsiX3dS_jvdOMY6BkRk2WZoI4Tm2dmjcEGfKrA==

GET
H2 200 MoatPlugIn.js Show response
z.moatads.com/the_platform_pdk_029384908/ 5 KB
2 KB 13ms
12ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/the_platform_pdk_029384908/MoatPlugIn.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2020 15:09:30 GMT
server: AmazonS3
x-amz-request-id: 78F7BD127CD81AB1
etag: "565c54c8f052a6fd51524ec6233c87af"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=17696
accept-ranges: bytes
content-length: 2237
x-amz-id-2: frAmb6dxjsfOVE3XmCnlYu3hodlUpHQ9hlaMKbbHLy8brYWzMgb5adB8OQIwhzp7fXA7DVpaISk=

GET
H2 200 VideoHeartbeat.1.0.js Show response
www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/ 273 KB
65 KB 37ms
37ms Script
application/javascript 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/VideoHeartbeat.1.0.js

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

dedb8d16bcb79e6b0c1bed21f6f32493a32f09d2ace418343fbedcbbaa777313

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
last-modified: Mon, 17 Oct 2022 15:47:18 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"634d7906-44504"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 66399
expires: Sat, 04 Nov 2023 18:20:00 GMT

GET
H2 200 videos Show response
www.nbcwashington.com/wp-json/nbc/v1/template/ 743 KB
85 KB 780ms
780ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-json/nbc/v1/template/videos?_locale=user

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-includes/js/dist/api-fetch.min.js?ver=134e23b5f88ba06a093f9f92520a98df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

1507a904689c100821bb8cf277ed9fd6e8efbc1d60c1d0dd917d81bddc879ec1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
accept-language: de-DE,de;q=0.9
X-WP-Nonce: b6f7524c98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
x-rq: hhn1 0 2 9980
server: nginx
allow: GET
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex
link: <https://www.nbcwashington.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: b6f7524c98

GET
DATA 200
OK truncated
/ 46 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf8

GET
H2 200 v2 Show response
mb.moatads.com/yi/ 530 B
704 B 189ms
55ms Script
text/html 52.215.141.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HQPfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-fg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&pcode=nbcuyieldheader7581548001&rx=865697338925&callback=MoatNadoAllJsonpRequest_95895563
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuyieldheader7581548001/moatheader.js?ver=1.0.0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.141.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-141-21.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: f8f2c33fb7386ff63d909399b7399d9132329bb53de31fcf2d331a7f0fb4aab2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "76db8a19abd5c01235a690da07d1c5632685c933"
content-length: 530
content-type: text/html; charset=UTF-8

GET
H2 200 load.js Show response
widget.perfectmarket.com/nbcots-network/ 3 KB
2 KB 34ms
16ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/nbcots-network/load.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 05e37121df175bdbdfbc618c01958bd0c8e18974e8d25e3c16af77ae0a5c91ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: byo28npJpbqRTLB6eGEzYJO4CMyElLJ9
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 04 Nov 2022 18:52:05 GMT
x-amz-request-id: ATKA7MNGCYHKX0Z1
age: 248
x-cache: HIT, HIT
content-length: 1175
x-amz-id-2: U71l96L+9LvQ1DHhYr6JeVjQ/PMcx0WV4SeGMlETbwqy870ljYVHkPQU6SAo5xvUWhB8MkWH7hg=
x-served-by: cache-lax10638-LGB, cache-fra-eddf8230033-FRA
last-modified: Fri, 25 Sep 2020 02:01:37 GMT
server: AmazonS3
x-timer: S1667587925.468078,VS0,VE0
etag: "bc91bbea15a36ca07775156ae644d275"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=300
accept-ranges: bytes
x-cache-hits: 1, 2

GET
H2 200 impl.20221102-48-RELEASE.js Show response
cdn.taboola.com/libtrc/ 689 KB
143 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 3b1044254817db82db11bf0042705a826b4428aa2c4480a5f4816da7a55b682f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: zGjbwkAtTEujdKILUafmK9ADN6cNwrNr
content-encoding: br
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:05 GMT
x-amz-request-id: 3HHV27BYH5ENHRDH
age: 4356
x-cache: HIT
content-length: 145832
x-amz-id-2: F3w+NCyP7z4Zt3nqhJ4IkT/b0E4s6rmEh/5f0GFxSD81RJwLTrK6uD4dul0JEJcbfeZjgq3PZqQ=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 09:32:11 GMT
server: AmazonS3-br
x-timer: S1667587925.450413,VS0,VE0
etag: "2cb70b33b089c62b26eb96d94e7848bd"
vary: Accept-Encoding
content-type: application/javascript
abp: 15
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 13151

GET
H2 200 / Show response
www.nbcwashington.com/weather/latest.json/ 46 KB
5 KB 32ms
31ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/weather/latest.json/?zipCode=20001

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

de731d31fc3dc248dbea8fc7b6e96571cc96cad021793b2e0b051326d22cf8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300, must-revalidate
host-header: a9130478a60e5f9135f765b23f26593b
accept-ranges: bytes
content-length: 4335

GET
H2 200 / Show response
www.nbcwashington.com/weather/latest.json/ 46 KB
5 KB 22ms
21ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/weather/latest.json/?zipCode=20001

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

de731d31fc3dc248dbea8fc7b6e96571cc96cad021793b2e0b051326d22cf8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300, must-revalidate
host-header: a9130478a60e5f9135f765b23f26593b
accept-ranges: bytes
content-length: 4335

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 303ms
99ms Image
image/gif 52.44.88.224
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=nbcwashington.com&p=nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&u=BFqrMjCPYzFDDCsn_t&d=nbcwashington.com&g=15527&g0=investigations&g1=Jodie%20Fleischer%2C%20Rick%20Yarborough%2C%20Steve%20Jones&n=1&f=00001&c=0&x=0&m=0&y=5394&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=3141&t=mCysJnkCxSCJhB1LDM2vQ1BzgB9G&V=136&i=Inside%20the%20Battle%20Against%20Ransomware%20Attacks&tz=0&sn=1&sv=BP0VdvDutPJdBjJk_8BAYmmuBiXRVc&sd=1&im=06670ff0&_
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.88.224 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-88-224.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-length: 43
expires: 0

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 10ms
10ms Image
text/plain 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035083&cs_ucfr=&cs_it=b3&cv=3.8.0.210223&ns__t=1667587925509&ns_c=UTF-8&c7=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&c8=An%20Inside%20Look%20At%20the%20Battle%20Against%20Ransomware%20Attacks%20%E2%80%93%20NBC4%20Washington&c9=
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-86.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: KOnSOhBw-_NQcq0Qm4IJaWvhcVq2As1MWW1yAJHxT2ldk1gZUP4ISQ==
x-cache: Miss from cloudfront

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
9ms Image
text/plain 18.66.147.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=7&c2=34354936&c3=1&cs_it=b3&cv=3.8.0.210223&ns__t=1667587925509&ns_c=UTF-8&c7=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&c8=An%20Inside%20Look%20At%20the%20Battle%20Against%20Ransomware%20Attacks%20%E2%80%93%20NBC4%20Washington&c9=
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-86.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
via: 1.1 e65c822edea04e16936bdb4537763dd4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-amz-cf-id: VF4GsUxK3mb6zHMiywpUzun79bBKjA7Lelzbho1V7-6z8ixLAwvpsg==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK dest5.html Show response
nbcuni.demdex.net/ Frame 6350 7 KB
3 KB 189ms
36ms Document
text/html 3.250.251.255
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcuni.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.250.251.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-250-251-255.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3TVgTM26QEo=
content-encoding: gzip
date: Fri, 4 Nov 2022 18:52:05 GMT
last-modified: Fri, 28 Oct 2022 11:22:24 GMT
vary: accept-encoding

GET
H2 200 / Show response
www.nbcwashington.com/weather/latest.json/ 46 KB
5 KB 11ms
11ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/weather/latest.json/?zipCode=20001

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

de731d31fc3dc248dbea8fc7b6e96571cc96cad021793b2e0b051326d22cf8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300, must-revalidate
host-header: a9130478a60e5f9135f765b23f26593b
accept-ranges: bytes
content-length: 4335

GET
H2 200 / Show response
www.nbcwashington.com/weather/latest.json/ 46 KB
5 KB 19ms
19ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/weather/latest.json/?zipCode=20001

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

de731d31fc3dc248dbea8fc7b6e96571cc96cad021793b2e0b051326d22cf8bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-rq: hhn1 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
vary: Accept-Encoding
content-type: application/json;charset=utf-8
cache-control: max-age=300, must-revalidate
host-header: a9130478a60e5f9135f765b23f26593b
accept-ranges: bytes
content-length: 4335

GET
H2 200 otBannerSdk.js Show response
cdn.cookielaw.org/scripttemplates/6.32.0/ 335 KB
80 KB 31ms
31ms Script
application/javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.nbcwashington.com/
Origin: https://www.nbcwashington.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: ryfZhYsqLisJEnBsOqgVsQ==
age: 14379
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 81095
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:23 GMT
server: cloudflare
etag: 0x8DA08FC76466F7A
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 9cb26840-b01e-0044-4f3f-9d048a000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b768fc368ec-FRA

GET
H2 200 _r Show response
app.link/ 91 B
594 B 222ms
179ms Script
text/javascript 2600:9000:2057:e000:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.68.0&branch_key=key_live_neXT1FwqOYOu29K1bYTfrdieDBknvXdw&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2057:e000:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

e441ee295ad7b48279eedcc69697711ad1a202fe30b0ba53bbb5a224e7f3b812

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: FRA6-C1
etag: W/"5b-NBOtMDiX93YHEgcG6YWSTU6VtD8"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: duQ0bvlw8PHxF9Z9101RHrgt9QUHjG2x3VwyhDoYceynA9Y07cl_Dg==

GET
H2 200 id Show response
nbcume.sc.omtrdc.net/ 42 B
436 B 66ms
18ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcume.sc.omtrdc.net/id?d_visid_ver=5.3.0&d_fieldgroup=A&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&mid=82384461950396243241762757879631090499&ts=1667587925568

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

2234a64fbdd5acd8549163f238955fc82dbf2a03c842e34508b4d63dfa22ced1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.nbcwashington.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 42
x-xss-protection: 1; mode=block

GET
H2 200 a8ab776a5245b4220a490d44-adobeorg.xml Show response
nbcume.hb.omtrdc.net/settings/ 228 B
522 B 177ms
100ms XHR
application/xml 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcume.hb.omtrdc.net/settings/a8ab776a5245b4220a490d44-adobeorg.xml?r=1667587925575

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/VideoHeartbeat.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 13 Oct 2022 09:00:16 GMT
server: jag
etag: "27000183d092a900"
access-control-allow-methods: GET, OPTIONS
content-type: application/xml; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
accept-ranges: bytes
access-control-allow-headers: Content-Type
content-length: 228
x-xss-protection: 1; mode=block

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
305 B 189ms
151ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=248326
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd7c00b01f969e8ac08345cd6e9c5bf609dc92de4ddf7c54f88dd78f7b549079

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq2dPGZgV47m4S2Trj2Lv4QndYoPPWdvRSCBhNJ9NkAPEDf0SaGA8VwfXFqjJ1kvagdvgz4wkQw%2FbK4BGLSDVYZWcmvQDXqK9JktChEqilsp5%2BFQztLzcE%2FH0n%2FNQML3N985B471"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b773d899191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
311 B 279ms
242ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=248326
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0a5ac83948f3e3452af42c7621ebd3076d2738a371ccde99684bf7a88b13ad0

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNtB6lGwK9bu%2BSfTpPRzqwhD5ctvVDbdjDhWidGieZ8YgAXaTTS%2FeA1qVLhCEOkajz5y7fw%2FPdO3IHP%2FOC4KMSh4sWq%2BgKMx7kjHDpYyGJ%2FPK3odcNz8%2FJS%2BPZhCj0psZUyLqygG"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b773d919191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
569 B 167ms
131ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=248326
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a698184d62366acbed562640fe3d9fb325a76faed856f9c6a7fe9a6f809ae2ec

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJzKaCRlHevpsrWBKIckX5cB%2FKJwXgEqV%2Fz5nZP4nqUyjRAY%2B%2Bxn2Gk0DqJ3ZQwVXIq93iKE1QDgv0sEEA7dGA1KvdfITSOr09c%2ByZ26CM%2FAeCeAlmSAAiY3URc9NqhnG%2BJgva2P"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b773d959191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
305 B 206ms
171ms XHR
application/json 104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=248326
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: edbcabfdc58a9618679956fd00041690889000a1df1eb9be40bc689bc8e28784

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EEVzffe%2BvO9IoS8Nh0yHyq%2FY3dQ4PdyK6a84pkWpzuC%2BOkGHZZyvYv34GoAoLIrPPhyVEGUMiQMHNobnk7I6AnMj%2BHgvWuV8Gxcd7AscOx5BZTgR8uXOel9AWE4yVcIC5P3FSitf"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b773d999191-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 69ms
25ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nbcwashington.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 62ms
24ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nbcwashington.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
14 KB 80ms
79ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C5x1&ifi=1&adks=1387966979&sfv=1-0-39&prev_scp=slot%3Dtopbanner%26pos%3Dtopbanner&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations&sc=1&cookie_enabled=1&abxe=1&dt=1667587925625&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=0&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=1600x320&msz=1600x320&fws=0&ohw=0&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1bff0aa938a251f6b36310a309cf3f8074ad2db89435fd0461274b2166d87b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
google-lineitem-id: 5943191008
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138405898667
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 563 B
803 B 71ms
70ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1x1&ifi=2&adks=2371873296&sfv=1-0-39&prev_scp=slot%3Dinterstitial%26pos%3Dinterstitial&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations&sc=1&cookie_enabled=1&abxe=1&dt=1667587925632&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=1242&adys=2790&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=300x30&msz=0x0&fws=0&ohw=0&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba88931c67cd1b1d51233e9cc76d74b170c8fd8c1fef244978875ca9c7fb117e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/ Frame 73D4 6 KB
3 KB 106ms
21ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com/safeframe/1-0-39/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 2988
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:52:05 GMT
expires: Sat, 04 Nov 2023 18:52:05 GMT
last-modified: Tue, 25 Oct 2022 18:59:17 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 mparticle.js Show response
jssdkcdns.mparticle.com/js/v2/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/ 175 KB
45 KB 82ms
6ms Script
application/javascript 2a04:4e42:200::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdkcdns.mparticle.com/js/v2/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/mparticle.js?env=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:200::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 6281437030356773bc45dba92c6149fa5b764b64832a5a433b3dd1a77222bd84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: cache-iad-kiad7000176-IAD, cache-fra-eddf8230138-FRA
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
server: Kestrel
age: 297
x-timer: S1667587926.725108,VS0,VE0
x-origin-name: fastlyshield--shield_ssl_cache_iad_kiad7000176_IAD
x-cache: HIT, HIT
content-type: application/javascript
vary: Accept, Accept-Encoding
cache-control: public, max-age=3600
accept-ranges: bytes
content-length: 45930
x-cache-hits: 282, 6

GET
H/1.1 200
OK x6byF4cApMt9 Show response
link.theplatform.com/s/Yh1nAC/ 2 KB
2 KB 570ms
211ms XHR
application/smil 52.71.228.112
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.theplatform.com/s/Yh1nAC/x6byF4cApMt9?manifest=m3u&format=SMIL&mbr=true&assetTypes=LegacyRelease&fwsitesection=ots_wrc_investigations&fwNetworkID=382114&pprofile=ots_desktop_html&sensitive=false&usPrivacy=1YYN&w=848&h=477&rnd=8458387&mode=on-demand&tracking=true&formats=MPEG-DASH+widevine,M3U+appleHlsEncryption,M3U+none,MPEG-DASH+none,MPEG4,MP3&vpaid=script&schema=2.0&sdk=PDK+6.1.3
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.71.228.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-71-228-112.compute-1.amazonaws.com
Software: openresty/1.15.8.3 /
Resource Hash: 17562615670437f9494367698767f6466ea5f2c5ad0403d37d230db91b70ef39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:06 GMT
Server: openresty/1.15.8.3
X-Cache: MISS from link.theplatform.com:443
Content-Type: application/smil; charset=UTF-8
Access-Control-Allow-Origin: https://www.nbcwashington.com
Access-Control-Expose-Headers: date
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2015

POST
H2 200 cdb Show response
bidder.criteo.com/ 193 B
457 B 58ms
24ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=154&cb=14544690725

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b53c06ec9b48143a0291e189f17aafeb029a1f3f99ac049888f7e9afcf427407

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcwashington.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 182

POST
H2 200 cdb Show response
bidder.criteo.com/ 196 B
460 B 57ms
24ms XHR
application/json 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=132&profileId=154&cb=83316052263

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

271326f8d65f9a97bdd2a4bd94ee4e61645c0c27cca42424c2e536a4459be1ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.nbcwashington.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 184

GET
H2 200 weather-alerts Show response
www.nbcwashington.com/wp-json/nbc/v1/ 2 B
447 B 11ms
11ms Fetch
application/json 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.nbcwashington.com/wp-json/nbc/v1/weather-alerts?_locale=user

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-includes/js/dist/api-fetch.min.js?ver=134e23b5f88ba06a093f9f92520a98df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, */*;q=0.1
Referer: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
accept-language: de-DE,de;q=0.9
X-WP-Nonce: b6f7524c98
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000 ; includeSubDomains
content-length: 22
x-rq: hhn2 0 2 9980
server: nginx
allow: GET
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-expose-headers: X-WP-Total, X-WP-TotalPages, Link
cache-control: max-age=60
accept-ranges: bytes
x-robots-tag: noindex
link: <https://www.nbcwashington.com/wp-json/>; rel="https://api.w.org/"
access-control-allow-headers: Authorization, X-WP-Nonce, Content-Disposition, Content-MD5, Content-Type
x-wp-nonce: b6f7524c98

GET
H2 200 pmk-202007141.39.js Show response
widget.perfectmarket.com/nbcots-network/ 117 KB
32 KB 10ms
10ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.perfectmarket.com/nbcots-network/pmk-202007141.39.js
Requested by: Host: widget.perfectmarket.com
URL: https://widget.perfectmarket.com/nbcots-network/load.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b2ec73b2924b0268466b1c99d8ea299146578492c1b84b82adc555feeeeda8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: QhXiXDRpPcitcnK1HISW_Ap3TYjbf_K_
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
date: Fri, 04 Nov 2022 18:52:05 GMT
x-amz-request-id: K74VQ38DJQEWNKRG
age: 2113664
x-cache: HIT, HIT
content-length: 32337
x-amz-id-2: tl3OiUw7ZTWLjkfVy3XriOoUeeAkli/VE+71PYkTTVUMwJ+XvLKhElVArGCUN6UFrm5zJrGfuYs=
x-served-by: cache-lax10649-LGB, cache-fra-eddf8230033-FRA
last-modified: Fri, 25 Sep 2020 02:01:36 GMT
server: AmazonS3
x-timer: S1667587926.662358,VS0,VE0
etag: "7da81897b1d1fb8cbd52ba2825370888"
vary: Accept-Encoding,,
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000
accept-ranges: bytes
x-cache-hits: 15960, 2

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16a4d2cdc4527633c9c363f446a7c57c1d44f4efdd2b7565a2156a3b4f97ebe2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 json Show response
trc.taboola.com/nbcots-wrc-tv/trc/3/ 85 KB
24 KB 662ms
637ms XHR
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nbcots-wrc-tv/trc/3/json?tim=18%3A52%3A05.698&lti=deflated&data=%7B%22id%22%3A872%2C%22ii%22%3A%222961727%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1667481868810%2C%22vi%22%3A1667587925695%2C%22cv%22%3A%2220221102-48-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F%22%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22ccpa_ps%22%3A%221---%22%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22bu%22%3A%22https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F%22%2C%22vpi%22%3A%22%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A1600%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A1200%2C%22dw%22%3A1600%2C%22dh%22%3A5394%2C%22nsid%22%3A%22nbcots-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A6%2C%22uim%22%3A%22thumbnails-a%3Apub%3Dnbcots-network%3Aabp%3D0%22%2C%22uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22orig_uip%22%3A%22Below%20Article%20Thumbnails%22%2C%22cd%22%3A5088.234375%2C%22mw%22%3A848%7D%2C%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-a-right-rail%3Apub%3Dnbcots-network%3Aabp%3D0%22%2C%22uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Fallback%22%2C%22orig_uip%22%3A%22Right%20Rail%20Thumbnails%20-%20Fallback%22%2C%22cd%22%3A1270.25%2C%22mw%22%3A0%7D%5D%2C%22cacheKey%22%3A%22text%3D2961727%2CBelow%20Article%20Thumbnails%3Dthumbnails-a%3Apub%3Dnbcots-network%3Aabp%3D0%2C%2CRight%20Rail%20Thumbnails%20-%20Fallback%3Dthumbnails-a-right-rail%3Apub%3Dnbcots-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 3482f7cc45e2ae96e3b6416218e9cbf4520d42ef0c4e26de90c3cc2907a737e5

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain

Response headers

x-vcl-time-ms: 630
date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-fra-eddf8230022-FRA
server: nginx
x-timer: S1667587926.722429,VS0,VE630
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.nbcwashington.com
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 debug
trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
90 B 129ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A05.693&type=info&msg=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&llvl=2&id=9282&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12621

GET
H2 204 debug
trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 129ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A05.693&type=info&msg=%7B%22mode%22%3A%22thumbnails-a%22%2C%22container%22%3A%22taboola-below-article-thumbnails%22%2C%22placement%22%3A%22Below%20Article%20Thumbnails%22%2C%22target_type%22%3A%22mix%22%7D&llvl=2&id=9091&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12621

GET
H2 204 debug
trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 129ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A05.694&type=info&msg=%7B%22mode%22%3A%22thumbnails-a-right-rail%22%2C%22container%22%3A%22taboola-right-rail-thumbnails---fallback%22%2C%22placement%22%3A%22Right%20Rail%20Thumbnails%20-%20Fallback%22%2C%22target_type%22%3A%22mix%22%2C%22flush%22%3Atrue%7D&llvl=2&id=7449&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12621

GET
H2 204 debug
trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 129ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A05.697&type=info&msg=Below%20Article%20Thumbnails%20thumbnails-a&llvl=2&id=8613&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12621

GET
H2 204 debug
trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 129ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A05.697&type=info&msg=Right%20Rail%20Thumbnails%20-%20Fallback%20thumbnails-a-right-rail&llvl=2&id=6233&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12621

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 988 B
1 KB 40ms
40ms XHR
application/json 99.81.236.184
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_visid_ver=5.3.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=A8AB776A5245B4220A490D44%40AdobeOrg&d_nsid=0&d_mid=82384461950396243241762757879631090499&d_blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&d_cid_ic=AVID%0131B2AFAADCACDA4F-60000F90C2C171B8&ts=1667587925702

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

99.81.236.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-236-184.eu-west-1.compute.amazonaws.com

Software

Resource Hash

6f178937489e17b74f038f6140251c298d10f9d070f30ce01bd18a4915dade9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-2-v045-027dff91d.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: JkW/9PRJT/c=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcwashington.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 552
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 66.svg
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 1 KB
824 B 27ms
26ms Image
image/svg+xml 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/66.svg

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/weatherIcons.04ad80f6dd854170fd37.min.css?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

70b57ebe218beb815e129f1cf1bb1e159b6abab43e5bf8a6e09c381748a7820b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/weatherIcons.04ad80f6dd854170fd37.min.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-592"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 587
expires: Fri, 03 Nov 2023 21:04:51 GMT

GET
H2 200 103.svg
www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/ 646 B
632 B 25ms
24ms Image
image/svg+xml 96.16.128.69
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/media/103.svg

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/weatherIcons.04ad80f6dd854170fd37.min.css?ver=1.0.2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.128.69 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-128-69.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

3b76d48f9c6c18f5d5b03d9f69bb8c09809bbb21aa46eba9cd4c514a04b4111b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/css/weatherIcons.04ad80f6dd854170fd37.min.css?ver=1.0.2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-rq: hhn2 0 2 9980
content-encoding: gzip
date: Fri, 04 Nov 2022 18:52:05 GMT
last-modified: Thu, 03 Nov 2022 20:57:08 GMT
server: nginx
strict-transport-security: max-age=31536000 ; includeSubDomains
etag: W/"63642b24-286"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 395
expires: Sat, 04 Nov 2023 01:09:39 GMT

GET
H2 200 en.json Show response
cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/91206b54-507c-4bc9-b838-37f0fb42aa82/ 194 KB
35 KB 24ms
23ms Fetch
application/x-javascript 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/a4ab8b1a-9be6-49ad-a4a2-40f17adfc9f9/91206b54-507c-4bc9-b838-37f0fb42aa82/en.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

475229d3816b1bf42c1f13b72bea551629d24b5940b15b3320be4d7b6f74474a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: bjD1+6enBhx3re0YvvS2ig==
age: 7877
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 35765
x-ms-lease-status: unlocked
last-modified: Thu, 07 Jul 2022 18:25:23 GMT
server: cloudflare
etag: 0x8DA60460ECA3617
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 7ff592a1-301e-0099-367e-9d5724000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b77b9ee68ec-FRA
expires: Fri, 04 Nov 2022 22:52:05 GMT

POST
H2 204 events
bidder.criteo.com/csm/ 0
222 B 16ms
15ms Ping
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 18:52:04 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.nbcwashington.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

POST
H2 204 events
bidder.criteo.com/csm/ 0
222 B 17ms
16ms Ping
text/plain 2a02:2638::24
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::24 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; preload;
server: Finatra
vary: Origin
access-control-allow-origin: https://www.nbcwashington.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C13B 0
0 51ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss5c9hqmlfQq-c_5PP5oW5Ts1F7K2fRmNTPyxDAU1niTEB8fj7GHXKv7AlP3dY1LJu5HPgl0y0AB2wXWEypOYEw6sB3EqBLnmUOoLleEbhTdFqqnEceDrlFCQBLvnY9qla88Gzt7R39bRn7a_5dk7yNchUeIkToSjYCJBLgGpHY4jPv9w4jXvj_h6lb4HzElc2Ki5zRdNBXyN6ik7elfg39osXdvQBzsq_NcYG9Rd0mJ8Nk9yJH5fWmBeInKxZuE4oh_SHEvJWKKYNEloJD0sm1oiD0YK691MJi9lzlEokzazIGMgYpyQTkdy6b9s8WKsHTVSC_S9uD8nQhXH2bqtXy-_FKLuREBVjnSJS-YUei&sai=AMfl-YQQw9cBTf6GiZK5vCAFYItj8n9aDeppZ9CvA8glz80CwGoOHnfHNnnPCJWO4si3sSI6PgbEMyqVUfJjOR2uCu7OHtJLN1USaTbOPFopvjuuD9a7EAEKX-3Om7e9ZObvqXNjsw&sig=Cg0ArKJSzLW5ASQVUHXFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame C13B 3 KB
2 KB 51ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:02:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C13B 154 KB
47 KB 694ms
665ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame C13B 331 KB
113 KB 12ms
11ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a1c2721480619d6ce7aee149e499183c08f67fb34d2e5fd41daa6b67cab40442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:27:37 GMT
server: AmazonS3
x-amz-request-id: YQHEV7JMGJM07B0A
etag: "fc018f0552805e09b6f981d806cda89b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16179
accept-ranges: bytes
content-length: 115178
x-amz-id-2: IgAbSS+Mqr7HuAIxsjYRD5y3nsvINeorSrgp+ZHn1VV7SQfQBz7i65oBNAdsgmkSEvI8ekcZX1s=

GET
H2 200 15840310206553247488
tpc.googlesyndication.com/simgad/ Frame C13B 232 KB
232 KB 51ms
15ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/15840310206553247488

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff8b4ea3d6948ccdd813325757a7f65b7c1016332cc58eac8682ff9692d8db0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Wed, 02 Nov 2022 18:45:04 GMT
x-content-type-options: nosniff
age: 173221
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237342
x-xss-protection: 0
last-modified: Mon, 26 Sep 2022 22:45:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 02 Nov 2023 18:45:04 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C13B 0
0 62ms
26ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQWPNJv4nZxTzqhNyz5l6z5JbMxgcpT5kKMBIbkKPW9igmFNn9GiGyUDRPzI-5Rx6VY_Txl
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame C13B 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2914094344837668861f22af81d5d621d473244327722943a41dcb8d2b3b6f70

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 s68140515444851 Show response
nbcume.sc.omtrdc.net/b/ss/nbcuotsdivisiontotal/1/JS-2.2.0-LCS4/ 43 B
392 B 56ms
18ms XHR
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcume.sc.omtrdc.net/b/ss/nbcuotsdivisiontotal/1/JS-2.2.0-LCS4/s68140515444851

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/VideoHeartbeat.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Nov 2022 18:52:05 GMT
server: jag
etag: 3581117802522836992-4619827548279688918
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.nbcwashington.com
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03 Nov 2022 18:52:05 GMT

POST
H/1.1 200
OK event Show response
nbcu.demdex.net/ 3 KB
2 KB 175ms
39ms XHR
application/json 54.76.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcu.demdex.net/event?d_dil_ver=9.5&_ts=1667587925785

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

14b37df88b378e3e31586bf1340a217571000c6b8e71d01e2989b630af19ea4c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-0ced04f65.edge-irl1.demdex.com 5 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: nCN3Sob/Qd8=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcwashington.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 975
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 70ms
24ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.nbcwashington.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 73ms
22ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.nbcwashington.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 79ms
78ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=88x31%7C120x60&ifi=3&adks=2125841508&sfv=1-0-39&prev_scp=module%3Dweather%26slot%3Dlogo%26pos%3Dlogo&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie=ID%3D992de61eacde0e68-225f3fa08dd60004%3AT%3D1667587925%3AS%3DALNI_MZV2izXowhuLTjlJEovywAspnyeDA&gpic=UID%3D00000b1bdf5259d5%3AT%3D1667587925%3ART%3D1667587925%3AS%3DALNI_MZaoyuk8y4J5165JsE82GSTDN7qVg&abxe=1&dt=1667587925815&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=1216&adys=2143&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=298x8&msz=153x0&fws=0&ohw=0&psts=APxP-9ANS23x6oJZfjKjfuzlBc4o7geLWR9sZBbjUkLu-QB1egdjiIZWdRrgMNmIp2jiI3GW901fQuCht9vaG-LwdOXYwDoH_p4%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a02c6f980cc00d2569318f236fc58e6ae8b3863a3730c5d1785b218f676f951

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12834
x-xss-protection: 0
google-lineitem-id: 5865958469
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138377266318
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 427 B
265 B 62ms
61ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=88x31%7C120x60&ifi=4&adks=3929783224&sfv=1-0-39&prev_scp=slot%3Dlogo%26pos%3Dlogo&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie=ID%3D992de61eacde0e68-225f3fa08dd60004%3AT%3D1667587925%3AS%3DALNI_MZV2izXowhuLTjlJEovywAspnyeDA&gpic=UID%3D00000b1bdf5259d5%3AT%3D1667587925%3ART%3D1667587925%3AS%3DALNI_MZaoyuk8y4J5165JsE82GSTDN7qVg&abxe=1&dt=1667587925822&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=1304&adys=683&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=88x18&msz=88x0&fws=0&ohw=0&psts=APxP-9ANS23x6oJZfjKjfuzlBc4o7geLWR9sZBbjUkLu-QB1egdjiIZWdRrgMNmIp2jiI3GW901fQuCht9vaG-LwdOXYwDoH_p4%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b8c28f685f3bcd0091a181495bdcd18416b6247659683fb6a455da1cbebe3942

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESELOMPyn2tldp98LJiDz56xY&google_cver=1
dpm.demdex.net/ Frame 6350
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=ODIxNzA5NTM0OTY5NjY3ODIxNDE3NDE0MDgxMjU3NTc0NTgwNDk=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELOMPyn2tldp98LJiDz56xY&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

39ms
39ms

Image
image/gif

99.81.236.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELOMPyn2tldp98LJiDz56xY&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

HTTP/1.1

Server

99.81.236.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-236-184.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-06d6ad95b.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: l6yilRuPTh0=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESELOMPyn2tldp98LJiDz56xY&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otFlat.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 13 KB
3 KB 28ms
27ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otFlat.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: 8zrrRItZNMaEtuchK/ofwQ==
age: 10194
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 2959
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:14 GMT
server: cloudflare
etag: 0x8DA08FC70DA836E
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: cfd11ce7-501e-006c-413f-9d7335000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b788bb068ec-FRA

GET
H2 200 otPcCenter.json Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/ 48 KB
12 KB 25ms
24ms Fetch
application/json 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/v2/otPcCenter.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: uYlRueaFtS5mhOymjGWFow==
age: 9654
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 11627
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:16 GMT
server: cloudflare
etag: 0x8DA08FC723EC22F
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 506ac237-e01e-0158-473f-9d9ac8000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 764f8b788bb568ec-FRA

GET
H2 200 otCommonStyles.css Show response
cdn.cookielaw.org/scripttemplates/6.32.0/assets/ 21 KB
4 KB 26ms
25ms Fetch
text/css 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/6.32.0/assets/otCommonStyles.css

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/6.32.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: SHFDtZO2nDZuiPDW83p1IQ==
age: 8600
x-ms-lease-status: unlocked
last-modified: Fri, 18 Mar 2022 16:29:27 GMT
server: cloudflare
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 82c80446-401e-009d-123f-9da2a6000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 764f8b788bb768ec-FRA

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
509 B 82ms
51ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=248326&u=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nggi19WHQWIGRZWR6vGVSJHiiixpwsKmPmH9wxANchAsScgQMY2dzwukfhAjbIUGuclh6T2AgsiIxVGeYr%2FWiz9YoW9xEUULfA8%2BxA206wO9Jq6MSvfrF4Pfp%2BqjvkjYqkuTQGm%2F%2Bfo%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b78c9389954-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 75ms
74ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=5&adks=3803858138&sfv=1-0-39&prev_scp=slot%3Dbottombox%26pos%3Dbottombox&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie=ID%3D992de61eacde0e68-225f3fa08dd60004%3AT%3D1667587925%3AS%3DALNI_MZV2izXowhuLTjlJEovywAspnyeDA&gpic=UID%3D00000b1bdf5259d5%3AT%3D1667587925%3ART%3D1667587925%3AS%3DALNI_MZaoyuk8y4J5165JsE82GSTDN7qVg&abxe=1&dt=1667587925851&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=1092&adys=2198&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=300x630&msz=300x600&fws=0&ohw=0&psts=APxP-9ANS23x6oJZfjKjfuzlBc4o7geLWR9sZBbjUkLu-QB1egdjiIZWdRrgMNmIp2jiI3GW901fQuCht9vaG-LwdOXYwDoH_p4%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6078de6137cf8ee9c42a4a994e873c3bc0558e792cd7153a9bb814d7bde22d77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12879
x-xss-protection: 0
google-lineitem-id: 6106303393
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404312194
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 identify
identity.mparticle.com/v1/ Frame 0
0 106ms
7ms Preflight 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-mp-key
Access-Control-Request-Method: POST
Origin: https://www.nbcwashington.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,x-mp-key
access-control-allow-methods: POST
access-control-allow-origin: *
age: 1630
date: Fri, 04 Nov 2022 18:52:05 GMT
server: Kestrel
strict-transport-security: max-age=900
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 511
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-served-by: cache-fra-eddf8230096-FRA
x-timer: S1667587926.962119,VS0,VE0

POST
H2 200 identify Show response
identity.mparticle.com/v1/ 177 B
329 B 118ms
118ms XHR
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://identity.mparticle.com/v1/identify

Requested by

Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/mparticle.js?env=0

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42::645 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Kestrel /

Resource Hash

95d47f7bd4338712f3512dd4e2a039f8241aa9c33c2e60aef09145f5d28e89cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=900

Request headers

x-mp-key: us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9
Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-fra-eddf8230096-FRA
date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
via: 1.1 varnish
strict-transport-security: max-age=900
server: Kestrel
x-timer: S1667587926.972078,VS0,VE112
x-origin-name: 4PrgpUXX9K0sNAH1JImfyI--F_us1_origin
x-cache: MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-mp-rate-limit-percentage-used: 17.8
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
259 B 65ms
55ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=248326&u=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qSM8YKFRt2htOe5QvZZB2y7S6QuAEjEFzu1ny4gR5pRh9vjh%2BWhyhQnnX4fCJPPfKsqAvSJ49SrdAg8I15YWsq9nALyudbo8Ux%2B7qYoNHgKmk5jM13TCUCJRPeJ7iB5P5B%2FZyDZhsGU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b78c9419954-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 279 B
641 B 217ms
175ms XHR
application/json 2600:9000:2394:9400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:9400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

1c0385f10843dd32739763f339511536580b52639f14646178b2ae43e3aa06c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 60c3c5b8f2fa467ba6c42a8ee66f6dfb-2022110418
content-length: 279
x-amz-cf-id: 5Z6sZjkhHqMQ74DQ5dj4GFZiLuvQPMHZLV4B5QjllinU5MuvjGHAvw==

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
263 B 58ms
54ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=248326&u=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ETDvk2oMYvcFkxlXtI5dHtx2uRG3jqIpJvG80uYngDpLXcPk4n4VoSp7RK0m6u%2FPab3HQaKspQO87DA9S%2Bgk6U0vgkR2MbPhSQItXKRUfzwb%2Fo4CsB1NFvjZxH0wrdIjX%2BJvpiCU%2BJQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b78c93d9954-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 14654292097.dfxp Show response
media.nbcmiami.com/assets/video/NBCU_LM_VMS_-_WRC/581/135/ 23 KB
24 KB 568ms
468ms XHR
text/plain 2a02:26f0:1700:1b4::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcmiami.com/assets/video/NBCU_LM_VMS_-_WRC/581/135/14654292097.dfxp
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/client/build/js/common.0d2c16bf3bc07e9e65f3.bundle.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:1b4::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: faa502a8805e71a2655538e478d733fe7fd3148d5567af13fc138916990945f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Fri, 04 Feb 2022 23:10:25 GMT
server: AkamaiNetStorage
content-md5: c9GjYJPUHvBA3z43Im4wvw==
etag: "73d1a36093d41ef040df3e37226e30bf:1644016225.30613"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/plain
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 23758

GET
H2 200 poweredBy_ot_logo.svg
cdn.cookielaw.org/logos/static/ 3 KB
2 KB 20ms
19ms Image
image/svg+xml 2606:4700::6810:9540
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.cookielaw.org/logos/static/poweredBy_ot_logo.svg

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:9540 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 04 Nov 2022 18:52:05 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: LpuayL42jB78xRllx0vkOw==
age: 12607
x-ms-lease-status: unlocked
last-modified: Thu, 03 Nov 2022 15:58:10 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: b230bc3c-d01e-0010-38a5-efee00000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 764f8b78fd809118-FRA

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 30 KB
13 KB 96ms
96ms XHR
text/plain 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3882925225093902&correlator=956284696335157&eid=31070732&output=ldjh&gdfp_req=1&vrg=2022110201&ptt=17&impl=fif&us_privacy=1---&iu_parts=2620%2Cots_web%2Cwrc%2Cinvestigations&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x250%7C300x600&ifi=6&adks=2142246300&sfv=1-0-39&prev_scp=slot%3Dtopbox%26pos%3Dtopbox&cust_params=zipcode%3D20001%26gpt1%3Dots_web%26platform%3Ddesktop%26source%3Dwww.nbcwashington.com%26pageid%3D10142961727%26pageid2%3D10142961727%26sect%3Dinvestigations%26sub%3D%26call%3DWRC%26region%3Dwashingtondc%26stationtype%3Dnbc%26tags%3Dinvestigations%252Cnews%252Clocal%252Cransomware%26gpt2%3DWRC%26station%3Dots%26sponsor%3D%26excl_cat%3Dinvestigations%26m_data%3D1%26m_safety%3Dunsafe%26m_categories%3Dmoat_unsafe%252Cgv_crime%26m_mv%3DdataAvailable%26m_gv%3DdataAvailable&sc=1&cookie=ID%3D992de61eacde0e68-225f3fa08dd60004%3AT%3D1667587925%3AS%3DALNI_MZV2izXowhuLTjlJEovywAspnyeDA&gpic=UID%3D00000b1bdf5259d5%3AT%3D1667587925%3ART%3D1667587925%3AS%3DALNI_MZaoyuk8y4J5165JsE82GSTDN7qVg&abxe=1&dt=1667587925924&lmt=1667587925&dlt=1667587924079&idt=1504&adxs=1092&adys=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&frm=20&vis=1&psz=300x630&msz=300x600&fws=0&ohw=0&psts=APxP-9ANS23x6oJZfjKjfuzlBc4o7geLWR9sZBbjUkLu-QB1egdjiIZWdRrgMNmIp2jiI3GW901fQuCht9vaG-LwdOXYwDoH_p4%2CAPxP-9A6SzCjClfzuPGV4idFIHVR&ga_vid=2090667329.1667587926&ga_sid=1667587926&ga_hid=761092328&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59f5bfbc3ab89120229392acaa6ad7424b34bffb450809a6cdcdb52d0a422

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12869
x-xss-protection: 0
google-lineitem-id: 6106303393
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138404312347
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D536 0
0 57ms
54ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv3SD5Oy0rzEKYv8uE2IfyLgdgekR1Bcye2RNNtDvmDAqjpNXx9EktmS8X9NJaY2Kgd9mMBZ8EEE1YUZjreL8UuKZn34SndaxUzboQUsiaZyuiaWYrUiW0cIf-Wy52hGO2Qm8eM_gX5llNoTMPhAakISRf-RgTZbVcoxTFmOxSO5ZazOri0sCja-Q39aYdkHA_u2EasfCZwaJTwOFfnDU87IvoyvzL0RTYKHjVljod9pqHc7v1uSi8qeT6YZyaYTUmmWvvrcZcJCJKyEDKWhqfxgNr9xc5wIxwEwdJKPBqn1x9c3oeeqYjBnIJWOdzPD_EX14rolgvJDryej0EmfjS9Y9IHo6Y&sai=AMfl-YS2oqsj_W_bm_sNdMbHocjpi345cloTHWUXvh7zZS8m_L4cIQGY9dmtu9MVY8HUQ7XHMiVM2y5BZtjQmlnWFw1fv3HwQDhQGNwd7GlwFXXggHlf0mw4DAXQUx2vYJcpJA&sig=Cg0ArKJSzGHMJrjZnYYvEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame D536 3 KB
1 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:02:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D536 154 KB
47 KB 504ms
502ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame D536 331 KB
113 KB 17ms
14ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a1c2721480619d6ce7aee149e499183c08f67fb34d2e5fd41daa6b67cab40442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:27:37 GMT
server: AmazonS3
x-amz-request-id: YQHEV7JMGJM07B0A
etag: "fc018f0552805e09b6f981d806cda89b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16179
accept-ranges: bytes
content-length: 115178
x-amz-id-2: IgAbSS+Mqr7HuAIxsjYRD5y3nsvINeorSrgp+ZHn1VV7SQfQBz7i65oBNAdsgmkSEvI8ekcZX1s=

GET
H3 200 4096433298112001959
tpc.googlesyndication.com/simgad/ Frame D536 3 KB
3 KB 45ms
15ms Image
image/png 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4096433298112001959

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

01aa9aaa378a788a278f98548ded224a6d9dc5d4b38483ef20676a52d5471901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 02:15:29 GMT
x-content-type-options: nosniff
age: 59796
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3085
x-xss-protection: 0
last-modified: Thu, 30 Dec 2021 22:34:48 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 02:15:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D536 0
0 66ms
24ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQHpe-VnFNAGz61-FITRWWPvwIbKWJUowNpsDS_WkRRAwSi1xy4lIqxaBr2D0lKZ107JgQA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

POST
H3 200 headerstats Show response
as-sec.casalemedia.com/ 0
500 B 58ms
44ms XHR
text/plain 104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=248326&u=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185796-256714881512110.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.18.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9SsI6SpesxGWcZaE2P4MnQzyj%2FL5JlSC7EXPj6fuWWh9eYPwlyQLbWog95g1UNjRQmGwzOYdyZFOUplovjas1FUBzH0sJ0FAM9x6eO5KYR4aLfDLtQ709zY6aU7Aivpnl6zR5iHbGYk%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.nbcwashington.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 764f8b795c749a2f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
DATA 200
OK truncated
/ Frame D536 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3cfed0ec87e01659e8892e34f3f62997b3d8e4d0283dfa27df94220f7486a06a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7047 0
0 52ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq0S6EqKgt92Ro4y3p_a3drq2ctYudTTR-BnESBq_NWqcWv75m-8fT8dzwNCcv0Y34vb_CQCvIXzGILwMgEFtMa7cmYgVXNfZMzBSP5FO8z3XN3PqO8CwUKSxVE3XiDtEQv1cMS2l5B853mjXAqOvTwpzD3VpM1UIUD7i25eXOWbAwo4dZOpOTAodDS4k2DjZ6p4nPjVUjN4Fh-xRKz9b9kInEeuwu_YmGZaaTeR33UjEuTje43hyGh_MQ3ZxzJmmPAX8P3BjK9vFTsbnak9SFXtMpKWbqLMt1k0YSugxPdJe2z0FxP66pYh5OyrsRry9as6MqCOnUmrmsREn8ryy4&sai=AMfl-YRpMMNErs0ew6r1LjFLq4JmsN1rONgYRFmJSV0qarBeRI8923HrmhEovDtTT3VXX_wtCsS9qlYgOPzBPMuvZrj5aYlKDihXZ9K7FT5b_-1AHvCriV4IsBR-OS0dWeMBjQ&sig=Cg0ArKJSzB9m1tep0iCVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 7047 3 KB
1 KB 16ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3001
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:02:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7047 154 KB
47 KB 450ms
446ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 7047 331 KB
113 KB 15ms
10ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a1c2721480619d6ce7aee149e499183c08f67fb34d2e5fd41daa6b67cab40442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:05 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:27:37 GMT
server: AmazonS3
x-amz-request-id: YQHEV7JMGJM07B0A
etag: "fc018f0552805e09b6f981d806cda89b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16179
accept-ranges: bytes
content-length: 115178
x-amz-id-2: IgAbSS+Mqr7HuAIxsjYRD5y3nsvINeorSrgp+ZHn1VV7SQfQBz7i65oBNAdsgmkSEvI8ekcZX1s=

GET
H3 200 7160138766894266958
tpc.googlesyndication.com/simgad/ Frame 7047 10 KB
10 KB 19ms
15ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7160138766894266958

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:11:24 GMT
x-content-type-options: nosniff
age: 52841
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10627
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 22:25:42 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 04:11:24 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 7047 0
0 31ms
28ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQcMVb7bjH8CskCLbmugOWaF8qdBbCVkl76PzsdKdhNuRucBm5Wg8NL4U0YID7a0hlWhORx
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 6350
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=82170953496966782141741408125757458049&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-rrVbwjRE2pFYxzRiRzYyonr.fWotJTUSgio-~A

42 B
942 B

35ms
35ms

Image
image/gif

99.81.236.184
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-rrVbwjRE2pFYxzRiRzYyonr.fWotJTUSgio-~A

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

HTTP/1.1

Server

99.81.236.184 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-99-81-236-184.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v045-06452629d.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: xXghQoVySHs=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0102.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-rrVbwjRE2pFYxzRiRzYyonr.fWotJTUSgio-~A
content-length: 0

GET
DATA 200
OK truncated
/ Frame 7047 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70b86dc042d34aef1bee12b42d8f2d18514fd0f0274ec76be78596c16ca505a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C3A 0
0 51ms
51ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4QJaCWygwqKParKGKq-jDcP5lb5QHBhnX4OO6NAkn1Yc7zAuklJCCD0Tg2LLfkDG9Mf49OWFFyrY_EeBY-GGUFxCYyw5IsJ_EdvhpiIY1GlOtdm3WjhNdzicrHCS_3WkVgf9NeK8XyXIneOSwvtXPUT8IxY91GIXU9TR5mQxk8UhKrs5BtpHn6tiNNLj5_GjJWONToBlVDtNG-7nguCwlu6Ik5T_f9wQVpCtFcy4g-AzRsTtBcbYX3bJDSTQBUc4HPpxCDi12pYgjcjU4rI_4dB-YRYH1yIfznXHLWoxVoVFXwLr4RMstDfBZ7raN_e9OtbzCtaeGJ4g_yYwnqY52&sai=AMfl-YR0n-Z5twJUUBs8Zksc2FNbjDjgbgSAfqRxlugdzQgPBRDSxVZ0FFJY5MdxYZJPR_FLnVHIPAx2hkKV8s0N6QvlrlBu_3tiqL8jPgF6xKvMXOOAWmF_OzTSLjMKMSKBMQ&sig=Cg0ArKJSzHTLKSQyg43uEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/ Frame 6C3A 3 KB
1 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221101/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:02:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3002
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 18 Nov 2022 18:02:04 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C3A 154 KB
47 KB 423ms
422ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48204
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1667489865617883"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 moatad.js Show response
z.moatads.com/nbcuniversal134024534264/ Frame 6C3A 331 KB
113 KB 14ms
13ms Script
application/x-javascript 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a1c2721480619d6ce7aee149e499183c08f67fb34d2e5fd41daa6b67cab40442

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
last-modified: Wed, 02 Nov 2022 15:27:37 GMT
server: AmazonS3
x-amz-request-id: YQHEV7JMGJM07B0A
etag: "fc018f0552805e09b6f981d806cda89b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=16178
accept-ranges: bytes
content-length: 115178
x-amz-id-2: IgAbSS+Mqr7HuAIxsjYRD5y3nsvINeorSrgp+ZHn1VV7SQfQBz7i65oBNAdsgmkSEvI8ekcZX1s=

GET
H3 200 16626074724023932129
tpc.googlesyndication.com/simgad/ Frame 6C3A 10 KB
10 KB 18ms
17ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16626074724023932129

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 04:07:28 GMT
x-content-type-options: nosniff
age: 53078
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10627
x-xss-protection: 0
last-modified: Wed, 07 Sep 2022 22:27:12 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 04 Nov 2023 04:07:28 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 6C3A 0
0 22ms
22ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRf6Z-QG8mbtV-jZGdosWRVwOCR2qwEUEeoTEBldw7t3TUlz5x-hV31NbULAOBZK5EeI6q7
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 6C3A 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7022a969b9da4acd72eaa9f0f30b5e9435c18953224b0120817371c176b8106

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 pageview Show response
api2.branch.io/v1/ 28 B
433 B 179ms
179ms XHR
application/json 2600:9000:2394:9400:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2394:9400:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 a5b856e4b06666713c5cc47a5b2ec7ae.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
x-powered-by: Express
etag: W/"1c-KRZWpHfIKyIHGKJ9mp9lAyX+vFY"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: f6581948b18447c09ce32e7e90c209f0-2022110418
content-length: 28
x-amz-cf-id: A98TpcLMiDRXiAdrrJzK9yfxqcOY4tXavsZ9nq124USMy6OJARv7vA==

GET
H2 204 adb-ext.gif
ds.reson8.com/ Frame 6350 0
96 B 76ms
26ms Image
text/plain 104.18.8.110
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ds.reson8.com/adb-ext.gif?puid=82170953496966782141741408125757458049

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.8.110 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=15552000
server: cloudflare
cf-ray: 764f8b7a682b5b3e-FRA
vary: Accept-Encoding

GET
H2

200

restricted
mid.rkdms.com/ Frame 6350
Redirect Chain

https://mid.rkdms.com/bct?pid=8bc436aa-e0fc-4baa-9c9a-06fbeca87826&puid=82170953496966782141741408125757458049&_ct=img
https://mid.rkdms.com/restricted

0
0

97ms
97ms

Image
text/html

3.83.210.131
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mid.rkdms.com/restricted
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Server: 3.83.210.131 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-83-210-131.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://nbcuni.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Redirect headers

location: /restricted
date: Fri, 04 Nov 2022 18:52:06 GMT
server: nginx
content-length: 0

GET
H/1.1 200
OK 1 Show response
5d4a1.v.fwmrm.net/ad/g/ 1 KB
2 KB 179ms
31ms XHR
text/xml 3.69.181.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://5d4a1.v.fwmrm.net/ad/g/1?prof=382114%3Aots_desktop_html&nw=382114&caid=1999915587871&cd=848,477&vdur=349&asnw=382114&ssnw=382114&resp=VMAP1&sensitivecontent=false&csid=ots_wrc_investigations&cbfn=tv.freewheel.SDK._instanceQueue%5B%27Context_1%27%5D.requestComplete&srcPageUrl=https%3A%2F%2Fwww.nbcwashington.com%2F&mediaUrl=https%3A%2F%2Fwww.nbcwashington.com%2F&flag=%2Bplay-uapl%2Bsltp%2Bemcr%2Bunka%2Bunks%2Bfbad%2Bslcb%2Bnucr%2Baeti%2Brema%2Bvicb;&_fw_dpr=1.00;slid=tp-ad-slot_300x250&ptgt=s&w=848&h=477&envp=g_js&flag=+cmpn&_fw_us_privacy=1YYN
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.181.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: af0a3295076e2f957244f59533f063fffcdb2f2e427df15f13cf2943d442bbf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:06 GMT
Content-Encoding: gzip
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Connection: keep-alive
Content-Length: 510
X-Fw-Power-By: Smart
Pragma: no-cache
Access-Control-Max-Age: 1728000
Access-Control-Allow-Methods: GET,POST,OPTIONS
Content-Type: text/xml
Access-Control-Allow-Origin: https://www.nbcwashington.com
Cache-Control: no-store
Access-Control-Allow-Credentials: true
Vary: Accept-Encoding
Keep-Alive: timeout=300
Access-Control-Allow-Headers: content-type, depth, user-agent, x-file-size, x-requested-with, if-modified-since, x-file-name, cache-control
Expires: 0

GET
H2 200 bootstrap.min.css
media.nbcnewyork.com/assets/editorial/national/common/css/ Frame 67A2 147 KB
148 KB 36ms
35ms Stylesheet
text/css 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcnewyork.com/assets/editorial/national/common/css/bootstrap.min.css
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Wed, 22 Jul 2020 18:07:36 GMT
server: AkamaiNetStorage
content-md5: fpI60iPp8z5U0i5QzyvM5Q==
etag: "7e923ad223e9f33e54d22e50cf2bcce5:1595441256.173837"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 150996

GET
H2 200 css
fonts.googleapis.com/ Frame 67A2 10 KB
861 B 61ms
24ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700

Requested by

Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5f9b06d09687c0f2c7c194d069d62aa90618c2d6fa4a1ce28b8f1ea2a1083625

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 18:38:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 67A2 8 KB
1 KB 60ms
23ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500,300,100

Requested by

Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 04 Nov 2022 18:52:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 04 Nov 2022 18:52:06 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 arthouse.css
media.nbcnewyork.com/assets/editorial/national/common/fonts/ Frame 67A2 930 B
1 KB 28ms
27ms Stylesheet
text/css 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcnewyork.com/assets/editorial/national/common/fonts/arthouse.css
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: dba4ff8c48e289edc2d9302d580ba5de38e9b2acbf53162c874ea7e48bdbae9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Wed, 22 Jul 2020 20:46:07 GMT
server: AkamaiNetStorage
content-md5: 6m+rJ6yvj1CymvXIlKlwbA==
etag: "ea6fab27acaf8f50b29af5c894a9706c:1595450767.80841"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: text/css
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 930

GET
H/1.1 200
OK nbcotsbase.css
data.nbcstations.com/national/2022/DC/ransomware/css/ Frame 67A2 3 KB
1 KB 173ms
172ms Stylesheet
text/css 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/css/nbcotsbase.css
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e92d50a4e1cb80aaa74b3f334424a9640de9e7d3dc9c8e04fa4252ff045274ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/national/2022/DC/ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Feb 2022 17:34:36 GMT
Server: nginx
ETag: "b90-5d734aa1fe3e6-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 737

GET
H2 200 crosstalk.js Show response
media.nbcnewyork.com/assets/editorial/national/common/js/ Frame 67A2 4 KB
4 KB 24ms
24ms Script
application/x-javascript 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcnewyork.com/assets/editorial/national/common/js/crosstalk.js
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3fe72f55f546ee25203b76630995cd05a77ce891f1a821bf014dac177bcb26be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Wed, 22 Jul 2020 18:03:34 GMT
server: AkamaiNetStorage
content-md5: 9dggQBaYMySwRYdIlPPyJQ==
etag: "f5d8204016983324b045874894f3f225:1595441014.762738"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 3848

GET
H/1.1 200
OK Ransomware-Desktop.png
data.nbcstations.com/national/2022/DC/ransomware/images/ Frame 67A2 14 KB
14 KB 166ms
166ms Image
image/png 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/images/Ransomware-Desktop.png
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: edecd8da0e1abb0f30524b0a3d5339600560aa021ae663eeb9e9c02df02cc6d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/national/2022/DC/ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:06 GMT
Last-Modified: Fri, 04 Feb 2022 17:34:37 GMT
Server: nginx
ETag: "3696-5d734aa34f6b7"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13974

GET
H/1.1 200
OK Ransomware-Tablet.png
data.nbcstations.com/national/2022/DC/ransomware/images/ Frame 67A2 10 KB
10 KB 481ms
467ms Image
image/png 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/images/Ransomware-Tablet.png
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1cf508ea1827754ed0c523ff19fed41c6d287ef113d64f54ae839e55397db7af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/national/2022/DC/ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:07 GMT
Last-Modified: Fri, 04 Feb 2022 17:34:36 GMT
Server: nginx
ETag: "289f-5d734aa291430"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 10399

GET
H/1.1 200
OK Ransomware-Mobile.png
data.nbcstations.com/national/2022/DC/ransomware/images/ Frame 67A2 14 KB
14 KB 471ms
457ms Image
image/png 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/images/Ransomware-Mobile.png
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 49dbc44335b7244eb54541243ee9d8945072ee5b42f21d19aa50507f7f78ee78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/national/2022/DC/ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:07 GMT
Last-Modified: Fri, 04 Feb 2022 17:34:37 GMT
Server: nginx
ETag: "3618-5d734aa2fce30"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13848

GET
H2 200 bootstrap.min.js Show response
media.nbcnewyork.com/assets/editorial/national/common/js/ Frame 67A2 46 KB
46 KB 18ms
17ms Script
application/x-javascript 2a02:26f0:1700:385::507
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://media.nbcnewyork.com/assets/editorial/national/common/js/bootstrap.min.js
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:385::507 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

unused62: 8096267
date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Wed, 22 Jul 2020 18:05:17 GMT
server: AkamaiNetStorage
content-md5: CCegvc2akXmQ7uRhp33TPg==
etag: "0827a0bdcd9a917990eee461a77dd33e:1595441117.179074"
access-control-max-age: 86400
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-credentials: false
accept-ranges: bytes
access-control-allow-headers: *
content-length: 46653

GET
H/1.1 200
OK resizer.js Show response
data.nbcstations.com/national/2022/DC/ransomware/js/ Frame 67A2 3 KB
1 KB 175ms
175ms Script
application/javascript 2a02:26f0:3500:589::5ac
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://data.nbcstations.com/national/2022/DC/ransomware/js/resizer.js
Requested by: Host: data.nbcstations.com
URL: https://data.nbcstations.com/national/2022/DC/ransomware/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:589::5ac Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 763d3f5f349af5e2a4b458e5486b90a5f9b78c0c2f1b2d5ad6179ccb3675aa22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://data.nbcstations.com/national/2022/DC/ransomware/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:06 GMT
Content-Encoding: gzip
Last-Modified: Fri, 04 Feb 2022 17:34:36 GMT
Server: nginx
ETag: "bdd-5d734aa2568fd-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1006

GET
H2 200 UnitFeedManagerDesktop.min.js Show response
vidstat.taboola.com/lite-unit/3.9.5/ 104 KB
30 KB 9ms
6ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 varnish
content-encoding: gzip
x-amz-cf-pop: FRA60-P1
age: 1254531
x-cache: Hit from cloudfront, HIT
content-length: 30400
x-served-by: cache-fra-eddf8230031-FRA
last-modified: Tue, 13 Sep 2022 09:04:05 GMT
server: AmazonS3
x-timer: S1667587926.381013,VS0,VE0
etag: "61c09a3e99bef5074941c5ea63321376"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
access-control-allow-headers: *
x-amz-cf-id: dIhg5LJx5eUZ4JuHijQ1TE34dIeqh18ZyFicfL14sPs3mIsIpAT69w==
x-cache-hits: 105541

GET
H2 200 feed-card-placeholder.20221102-48-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 5 KB
2 KB 9ms
9ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/feed-card-placeholder.20221102-48-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d792e3260418bfb17e3513b41a31c12ed4d0fc1ad3a2a721a568670ea8b6727

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: kBCd85qUXBBmoMcGT.rSwGsl5_EFo4jL
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: C61YZMS1G1YAWC3X
age: 62
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1263
x-amz-id-2: 0UsrcsNIX509aSCJx2NWbP8yfQ6Vcxf8OQhHvNajEyT8VQZnmorfxB/vdgJ6noMJ7kiWpgjL/8o=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:41:30 GMT
server: AmazonS3
x-timer: S1667587926.390641,VS0,VE0
etag: "d8e55e37ddf354c8899fd81a7ef9f9a1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 1815

GET
H2 200 distance-from-article.20221102-48-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 2 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/distance-from-article.20221102-48-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e1fcdb893358b14ff403a9eb433bd15c052ad972d64b27728b0a15bc0c707d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: lWd0Z.0t.IDX6lDEpnXp8H1g9Yrx84XK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: 2QQEHM3B5XDE8W1A
age: 65
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1013
x-amz-id-2: 81aBQwqTx/YQgzi7T96ZXGYURoVQJjoAIeeJNCjsCA8cyZiHnlUsJJB4HFaTQIe7XLW5eLdEqf0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:41:06 GMT
server: AmazonS3
x-timer: S1667587926.393118,VS0,VE0
etag: "087339cbc9b2863d079cc3834a77a228"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 66

GET
H2 200 article-detection.20221102-48-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 3 KB
1 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/article-detection.20221102-48-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5a48b03ff9ad40a8a09a4c1a9561f4595b9467ba51c47488cc3c5319b100d670

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: Ea0qenVuyoc_QcFQY7s7e0c2CQqnq7ud
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: JNNB991QEAD390KD
age: 101
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 1236
x-amz-id-2: 4xYPNeDDavArJLQd4+7qkZtJWzh5EN7P+VqrhsNtE6QV8mJQ6bCcg7uAkomPa8gILEnjOcCNY1s=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:40:36 GMT
server: AmazonS3
x-timer: S1667587926.393187,VS0,VE0
etag: "8296b467c2ddf27e33fabd92fda06b97"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 91

GET
H2 200 userx.20221102-48-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 17 KB
6 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20221102-48-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c6850b56cf391dfcf856fa0119a04d34d3d1d4b14e2c75fd5b6576623f70addc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: EgBiEpIHRE_ndglte7AzF8wwRdRZ3Uc7
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: 8G1S06H51DWHJK7Y
age: 107
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 5398
x-amz-id-2: xKLfCkdD8gsVDi+YITyKbfVYpe5xJb0Mb36ZLA9UGFunxsWP2Xfn+9AYGq/6lQlkgfzOnOmIGCk=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:43:27 GMT
server: AmazonS3
x-timer: S1667587926.407411,VS0,VE0
etag: "cd64469c740fe5393564a58c47678359"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 68

GET
H2 200 explore-more.20221102-48-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ 21 KB
6 KB 7ms
7ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/explore-more.20221102-48-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/nbcots-network/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 589795ed37d341a3bce4b39a810cd327f55739c76b5bda587049c6fccd48154c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: ej1_uQ7twpYTKUWP.xsSw1Azg7VAOeBk
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: 1NVQ6Z2TB7HCPG3G
age: 61
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 6377
x-amz-id-2: btSwZJZKFb52VKSxF+HHSVX8gVFHZB0qpdIonCOFfrIuXTuMdpKYNpPRpt7D5/yjwGD6pEnACbs=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 13:41:23 GMT
server: AmazonS3
x-timer: S1667587926.418955,VS0,VE0
etag: "11cf5c1ffd02321819c5003bea674742"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 15
cache-control: private,max-age=14400
accept-ranges: bytes
x-cache-hits: 95

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 19ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.390&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22nbcots-network-feed-action-bucket-1555335887064%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=4951&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 19ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.398&type=info&msg=%7B%22name%22%3A%22Below%20Article%20Thumbnails%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22nbcots-network-feed-action-bucket-1555335887064%22%2C%22vsm%22%3Atrue%7D&llvl=2&id=1402&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 20ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.401&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=7757&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.407&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=8892&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 18ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.409&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=9594&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 18ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.411&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=1133&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13252

GET
H3

200

B28360616.343678768;dc_pre=CP2x-Y-ZlfsCFUYm4Aod9w0MsA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consen...
ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=...
https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CP2x-Y-ZlfsCFUYm4Aod9w0MsA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_f...

42 B
63 B

66ms
38ms

Image
image/gif

216.58.212.134
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CP2x-Y-ZlfsCFUYm4Aod9w0MsA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=nbcwashington.com

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Server

216.58.212.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f134.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ad.doubleclick.net/ddm/trackimp/N297201.2069703TABOOLA/B28360616.343678768;dc_pre=CP2x-Y-ZlfsCFUYm4Aod9w0MsA;dc_trk_aid=535112177;dc_trk_cid=176040241;ord=[timestamp];dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ltd=?;dc_ref=nbcwashington.com
content-type: text/html; charset=UTF-8
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.413&type=info&msg=Start%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=4617&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12661

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 21ms
20ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.415&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=4776&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12661

GET
H2 204 supply-feature
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 24ms
23ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22ADOPTED%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A52%3A06.415&id=4067&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 22ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.417&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10534970%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=4444&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12661

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 22ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.422&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=1487&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12661

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 22ms
21ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.427&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=2590&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12661

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.432&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=5208&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.433&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%201&llvl=2&id=9502&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.434&type=info&msg=%7B%22name%22%3A%22Explore%20More%22%2C%22nb%22%3A%222%22%2C%22eof%22%3A%22%22%2C%22fti%22%3A%22delta-override%3A10534970%3APUBLISHED%22%2C%22vsm%22%3Afalse%7D&llvl=2&id=7578&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.435&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=8396&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.436&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=6224&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 16ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.437&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=4004&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14229

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.439&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=8652&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.440&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=1262&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.442&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=1849&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.443&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=2330&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.445&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=417&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 16ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.446&type=info&msg=Start%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=1417&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14073

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.448&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=2246&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14005

GET
H2 200 f89e1763-220d-4e09-ba69-9e040548fb7a.svg
cdn.taboola.com/static/f8/ 4 KB
2 KB 7ms
7ms Image
image/svg+xml 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/static/f8/f89e1763-220d-4e09-ba69-9e040548fb7a.svg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: cMrDKn.emLmm9kiiOOF64ulDT4DRy6LK
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:06 GMT
x-amz-request-id: H7R138A04VP7WASX
age: 85
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1758
x-amz-id-2: dF3JOcSYnRvo9sxdxx7uDPtUFlxaMSQiY2U1Epnpj7gOFw7DhecnYJclQk9pMubUFkyjUVfw0Kk=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 07 Feb 2018 11:15:52 GMT
server: AmazonS3
x-timer: S1667587926.455082,VS0,VE0
etag: "b8b410e4b18d45aa2f3d9bc09cd335fb"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: image/svg+xml
access-control-allow-origin: *
abp: 15
cache-control: private,max-age=31536000
accept-ranges: bytes
access-control-allow-headers: *
x-cache-hits: 134

GET
H2 204 social
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22_sessionPending_%22%2C%22hdl%22%3A%22Inside%20the%20Battle%20Against%20Ransomware%20Attacks%22%2C%22sec%22%3A%22investigations%22%2C%22aut%22%3A%5B%22Jodie%20Fleischer%22%2C%22Rick%20Yarborough%22%2C%22Steve%20Jones%22%5D%2C%22img%22%3A%22https%3A%2F%2Fmedia.nbcwashington.com%2F2022%2F02%2FMan-at-computer.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A52%3A06.479&id=7131&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 social
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 18ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A208%2C%22ly%22%3A665%2C%22m%22%3A%22video%22%2C%22v%22%3A3%2C%22md%22%3A%7B%22ap%22%3Anull%2C%22vd%22%3Anull%7D%7D%5D%7D&tim=18%3A52%3A06.480&id=9847&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.496&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%201&llvl=2&id=9290&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14005

GET
H/1.1 200
OK 1
5d4a1.v.fwmrm.net/ad/l/ 0
428 B 10ms
9ms Image
text/html 3.69.181.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5d4a1.v.fwmrm.net/ad/l/1?s=v2b63&n=382114%3B382114%3B169843%3B378678&t=1667587926985725594&f=262144&cn=slotImpression&et=i&tpos=0&init=1&slid=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.181.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 18:52:06 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK 1
5d4a1.v.fwmrm.net/ad/l/ 0
428 B 19ms
8ms Image
text/html 3.69.181.162
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://5d4a1.v.fwmrm.net/ad/l/1?s=v2b63&n=382114%3B382114%3B169843%3B378678&t=1667587926985725594&f=262144&cn=slotEnd&et=i&tpos=0&init=1&slid=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.69.181.162 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-181-162.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 04 Nov 2022 18:52:06 GMT
Content-Type: text/html
P3P: policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control: no-store
Connection: keep-alive
Keep-Alive: timeout=300
Content-Length: 0
Expires: 0

GET
H/1.1 200
OK master.m3u8 Show response
nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/ 1 KB
2 KB 2988ms
2918ms XHR
application/vnd.apple.mpegurl 2a02:26f0:3500:5::17d8:4d0d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/master.m3u8
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:5::17d8:4d0d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: e103a6b639e8537db6cf4d4f45a0bdf1885ec93f9a2bc2cb9b9eac83ae8508ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:09 GMT
Server: AkamaiGHost
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://www.nbcwashington.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Mime-Version: 1.0
Content-Length: 1515

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
16ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.524&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%202&llvl=2&id=2205&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14005

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.524&type=info&msg=Finish%20Rendering%20Below%20Article%20Thumbnails%20%7C%20Card%203&llvl=2&id=2767&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14005

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.529&type=info&msg=Start%20Rendering%20Right%20Rail%20Thumbnails%20-%20Fallback&llvl=2&id=5071&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14419

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.530&type=info&msg=Finish%20Rendering%20Right%20Rail%20Thumbnails%20-%20Fallback&llvl=2&id=5388&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14419

GET
H2 204 abtests
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 19ms
18ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/abtests?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22recommendation-reel%22%2C%22type%22%3A%22available%22%2C%22eventTime%22%3A1667587926537%7D&tim=18%3A52%3A06.537&id=4340&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 14ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.547&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%202&llvl=2&id=3263&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14419

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.548&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%203&llvl=2&id=813&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14419

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
17ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.548&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%204&llvl=2&id=8093&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14419

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 533cbc352aa349da346dc9cd271bd8aa529b4fb4e40c5dd94a93d93f9ef15e8e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 17ms
12ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.557&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%205&llvl=2&id=8478&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14580

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 16ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.558&type=info&msg=Finish%20Rendering%20Explore%20More%20%7C%20Card%206&llvl=2&id=3088&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14580

GET
H2 200 c40301bfbec9837bb83765abf5bfb64b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 46 KB
47 KB 9ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: da0f0d629083c4770ec7a6055b2e238cee3d32ba033621f38e9efd3346520810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
age: 1588082
edge-cache-tag: 546958493222635699882515151545245029967,320131976113462108692030635689510429540,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546958493222635699882515151545245029967,320131976113462108692030635689510429540,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 728
req-referer: https://www.t-online.de/
content-length: 46878
x-request-id: 52e7dfc4b949e9a590ca7cb40a6573bc
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kcgs7200134-IAD, cache-lga21960-LGA, cache-iad-kcgs7200040-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 14 Oct 2022 12:59:35 GMT
server: nginx
x-timer: S1667587927.557800,VS0,VE1
etag: "7742aefd663aba5dcf7d80a8f2a969e4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 3, 1

GET
H2 200 1cc0ee860248b9fc5bc45b61341d1702.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 11ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cc0ee860248b9fc5bc45b61341d1702.png
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c33e3e0759c9e6be7db9356a1530d0ea8f12df18a765706790bfd6a0a725d8e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cc0ee860248b9fc5bc45b61341d1702.png
age: 5100682
edge-cache-tag: 401272061756895022684103978876556082586,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
cache-tag: 401272061756895022684103978876556082586,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 119
expiration: expiry-date="Thu, 08 Sep 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 13680
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb802
x-served-by: cache-iad-kiad7000057-IAD, cache-iad-kjyo7100087-IAD, cache-lga21948-LGA, cache-iad-kiad7000176-IAD, cache-fra-eddf8230022-FRA
last-modified: Mon, 08 Aug 2022 15:06:19 GMT
server: nginx
x-timer: S1667587927.557895,VS0,VE2
etag: "e1cdfd5e1c06a335feba148b843a3e3e"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 113, 1

GET
H2 200 6112cd5658f16b34d7a9aa69b9fddc72.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 33 KB
34 KB 10ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6112cd5658f16b34d7a9aa69b9fddc72.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: cde3f5ffe0e71a30f1bda7f4f8016e3ea750ad9b23257232b55b017b631a1792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6112cd5658f16b34d7a9aa69b9fddc72.jpg
age: 2355349
edge-cache-tag: 434288274088954826597025193201407680381,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
cache-tag: 434288274088954826597025193201407680381,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 349
expiration: expiry-date="Sun, 09 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcnews.com/
content-length: 33634
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kjyo7100117-IAD, cache-iad-kcgs7200166-IAD, cache-bur-kbur8200028-BUR, cache-iad-kcgs7200148-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 08 Sep 2022 12:53:07 GMT
server: nginx
x-timer: S1667587927.558024,VS0,VE2
etag: "f8cfd69d0c7a98710c2db91973be3261"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 12, 1

GET
H2 200 985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 11 KB
12 KB 100ms
97ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0eaee4dbbf2d516be60772710cfc0c1bd3f9c8ea7e1d7bebd0e82e2ad9542356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age: 233535
edge-cache-tag: 294627647531404584068419212342316804301,320131976113462108692030635689510429540,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294627647531404584068419212342316804301,320131976113462108692030635689510429540,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 166
expiration: expiry-date="Fri, 04 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.nbcdfw.com/entertainment/entertainment-news/ncis-and-bones-actor-heath-freemans-cause-of-death-revealed/2911770/
content-length: 11106
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200089-IAD, cache-iad-kcgs7200039-IAD, cache-lga21972-LGA, cache-iad-kiad7000030-IAD, cache-fra-eddf8230022-FRA
last-modified: Tue, 04 Oct 2022 03:01:21 GMT
server: nginx
x-timer: S1667587927.572020,VS0,VE88
etag: "fdb7fd2cbc5f3f7929c8a12ca8f42d3b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 2, 0

GET
H2 200 1b80f57a1a2ddd5872cba5063633409f.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 8 KB
9 KB 16ms
11ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b80f57a1a2ddd5872cba5063633409f.png
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 5228675075dfe6d3f4d7f05e182a76dae7bad18004df47a011ddf94e71a20560

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_348%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1b80f57a1a2ddd5872cba5063633409f.png
age: 1147265
edge-cache-tag: 327577597698835215939082029905796668758,576425602493441304680707119287410077383,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327577597698835215939082029905796668758,576425602493441304680707119287410077383,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: HIT, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 195
req-referer: https://www.fichajes.net/
content-length: 8360
x-request-id: e8388986763372798645a399de298f20
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200048-IAD, cache-iad-kiad7000034-IAD, cache-lga21945-LGA, cache-iad-kcgs7200051-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 14 Oct 2022 09:15:29 GMT
server: nginx
x-timer: S1667587927.572308,VS0,VE1
etag: "bd8baffbbc564cfd730d882ecbc8f3de"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 0, 1

GET
H2 200 85b21d13dbda7a187bf2bed71078e894.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 13 KB
14 KB 15ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/85b21d13dbda7a187bf2bed71078e894.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0176fb6f0f9d69bfd0c2456d95c2519ee24011284b5558829c047d01aa79f254

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_360%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/85b21d13dbda7a187bf2bed71078e894.jpg
age: 1901725
edge-cache-tag: 570241793575223785956517782784221843806,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
cache-tag: 570241793575223785956517782784221843806,619046864577321299006260266932630550853,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 656
req-referer: https://www.nbcnews.com/select/shopping/bialetti-moka-express-coffee-pot-ncna1285877
content-length: 13726
x-request-id: 6232e1d59206ef4872bb46ff56e787a7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200145-IAD, cache-iad-kjyo7100062-IAD, cache-bur-kbur8200026-BUR, cache-iad-kiad7000157-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 13 Oct 2022 08:45:52 GMT
server: nginx
x-timer: S1667587927.572029,VS0,VE1
etag: "bd77bb9f3f1ad1688b6b3e45985d68c9"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 4, 1

GET
H2 200 107143342-1667226833695-AP22301699608869.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1168%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/ 61 KB
62 KB 100ms
99ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/107143342-1667226833695-AP22301699608869.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1168%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6bd51f6516ca64734ce2ef387191064496952715b7fa1a0fb13591f4806e109f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/107143342-1667226833695-AP22301699608869.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1168%252C675
age: 96925
edge-cache-tag: 338017976389009582526311192944071103874,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 338017976389009582526311192944071103874,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 361
req-referer: https://www.nbcwashington.com/
content-length: 62448
x-request-id: df8836809d6d2ff46826e793fdfab6bf
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200024-IAD, cache-iad-kcgs7200145-IAD, cache-bur-kbur8200050-BUR, cache-iad-kjyo7100064-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 15:46:39 GMT
server: nginx
x-timer: S1667587927.572005,VS0,VE89
etag: "cacb24afd2d7ceb3e4bee73912a39227"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 22, 0

GET
H2 200 GettyImages-1402257042.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 38 KB
39 KB 104ms
103ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1402257042.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: ed1c5bbca34935ba1b5cab94520839f182612ec6a8d6093f576c3e90bb4ab4aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 95
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1402257042.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 102772
edge-cache-tag: 378357857431581606509469834179339759048,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 378357857431581606509469834179339759048,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 303
req-referer: https://www.nbcwashington.com/
content-length: 39364
x-request-id: 047a49d12d99c7afbd20f8276bd2db36
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kcgs7200155-IAD, cache-iad-kcgs7200041-IAD, cache-chi-klot8100070-CHI, cache-iad-kcgs7200059-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 14:15:25 GMT
server: nginx
x-timer: S1667587927.571994,VS0,VE95
etag: "51e404cb346624a0cee56bebbf53d71f"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 36, 0

GET
H2 200 GettyImages-1431729325.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 22 KB
23 KB 98ms
98ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1431729325.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 02bbca75fdffc07306339d08b8c85f7e9bb4a95a15c3f46163cb9e578d70625d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 88
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1431729325.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 118718
edge-cache-tag: 359722932587566589666107944364185384603,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 359722932587566589666107944364185384603,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, MISS, HIT, MISS
x-envoy-upstream-service-time: 394
req-referer: https://www.nbcwashington.com/
content-length: 22346
x-request-id: f71b1c0f3083d67ebe951c9208f0f56f
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200120-IAD, cache-iad-kjyo7100138-IAD, cache-chi-klot8100114-CHI, cache-iad-kiad7000023-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 09:41:55 GMT
server: nginx
x-timer: S1667587927.571975,VS0,VE88
etag: "3e95492c832cea6343161faa9dd24dbc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 0, 3, 0

GET
H2 200 081122-Courtney-Clenney-Christian-Obumseli.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/08/ 54 KB
54 KB 101ms
99ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/08/081122-Courtney-Clenney-Christian-Obumseli.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dd112607a042b68ef533bf746751d7a039403ef4e35626cf44a96ddc30dfd06e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_630%2Cw_1260%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/08/081122-Courtney-Clenney-Christian-Obumseli.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
age: 101905
edge-cache-tag: 568609874705602757440823791954260844834,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 568609874705602757440823791954260844834,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 503
req-referer: https://www.nbcwashington.com/
content-length: 54894
x-request-id: 695022a22717231a93087b4b78491495
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kcgs7200103-IAD, cache-iad-kjyo7100082-IAD, cache-bur-kbur8200160-BUR, cache-iad-kjyo7100038-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 14:31:13 GMT
server: nginx
x-timer: S1667587927.583539,VS0,VE92
etag: "3437bbb7fe88d30a0e488c76366c49db"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 2, 1, 28, 0

GET
H2 200 107010301-1643832060204-pelosi-1.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/ 17 KB
18 KB 94ms
93ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/107010301-1643832060204-pelosi-1.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 72bded34156f752c4de5d289f6c733633167a91df316667c855056ed86392f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_330%2Cw_660%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/107010301-1643832060204-pelosi-1.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 70544
edge-cache-tag: 429985494092034999958728354558484402050,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
cache-tag: 429985494092034999958728354558484402050,523272642140522660213979017363544863538,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, MISS
x-envoy-upstream-service-time: 161
req-referer: https://www.nbcwashington.com/
content-length: 17308
x-request-id: 1d83b88e8e483d806d07164b3a117edb
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb803
x-served-by: cache-iad-kcgs7200162-IAD, cache-iad-kcgs7200075-IAD, cache-chi-klot8100104-CHI, cache-iad-kiad7000062-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 23:10:12 GMT
server: nginx
x-timer: S1667587927.583655,VS0,VE87
etag: "498ef53d9d6a95fb53b6c2d49bd3654a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 3, 0

GET
H2 200 web-221104-jimmie-johnson-richard-petty-usa.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 23 KB
24 KB 103ms
100ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/web-221104-jimmie-johnson-richard-petty-usa.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 03f8c5121744bda17d4fa73cd42b93d988f38aaa974e399d9468d23f87db6c87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/web-221104-jimmie-johnson-richard-petty-usa.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 1009
edge-cache-tag: 327304976309272012088538868535275584440,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 327304976309272012088538868535275584440,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 869
req-referer: https://www.nbcwashington.com/
content-length: 23628
x-request-id: e76f72da330c23f0718957f9d34313c8
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kcgs7200026-IAD, cache-iad-kiad7000144-IAD, cache-lga21949-LGA, cache-iad-kcgs7200024-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 04 Nov 2022 18:28:59 GMT
server: nginx
x-timer: S1667587927.671513,VS0,VE94
etag: "52f62bdfcc89f38a415e9c710d26c9ca"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 10, 0

GET
H2 200 GettyImages-1241320093.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/ 26 KB
27 KB 97ms
95ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/GettyImages-1241320093.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f4f6137089c2d8b41d7c558da1be4c8d5a1974c129b763327263d70478d0723

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 89
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/GettyImages-1241320093.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 173809
edge-cache-tag: 577759088652965253667462652361688950585,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 577759088652965253667462652361688950585,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 621
req-referer: https://www.nbcwashington.com/
content-length: 27014
x-request-id: 7242b2a367b138ca42eab1c2d38d83d9
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kiad7000077-IAD, cache-iad-kjyo7100100-IAD, cache-chi-klot8100125-CHI, cache-iad-kiad7000092-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 27 Oct 2022 04:00:32 GMT
server: nginx
x-timer: S1667587927.671591,VS0,VE89
etag: "9672e0e07a9012898ab887fc96888baf"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 571, 0

GET
H2 200 Maryland-Teacher-Leaves-School-With-27-Kids.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 21 KB
22 KB 94ms
94ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/Maryland-Teacher-Leaves-School-With-27-Kids.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: f720d7b27752703f04681491c4d82dbff16403f35f441dac6e237830121e8d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 87
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_345%2Cw_620%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/Maryland-Teacher-Leaves-School-With-27-Kids.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 62595
edge-cache-tag: 332490893092378411147453308690935262141,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
cache-tag: 332490893092378411147453308690935262141,329765810179079982686186289182046609799,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 667
req-referer: https://www.nbcwashington.com/
content-length: 21662
x-request-id: 447baa802c9603d907af9a15e99bc77d
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by: cache-iad-kjyo7100064-IAD, cache-iad-kcgs7200030-IAD, cache-lga21925-LGA, cache-iad-kiad7000118-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 04 Nov 2022 01:23:25 GMT
server: nginx
x-timer: S1667587927.671602,VS0,VE87
etag: "bc0e2d9c5897eb2a9eb618cdd5963ccc"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 23, 0

GET
H2 200 c40301bfbec9837bb83765abf5bfb64b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 74 KB
75 KB 9ms
9ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 40355cdae80a47f8ae8299ba472f5c5a4519a4372228fd3c701f661420c22b96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
age: 1592626
edge-cache-tag: 546958493222635699882515151545245029967,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546958493222635699882515151545245029967,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 1274
req-referer: https://www.t-online.de/
content-length: 75734
x-request-id: c67c92bdfa4bcf1f0fff988c1dd69557
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100154-IAD, cache-iad-kcgs7200048-IAD, cache-lax10648-LGB, cache-iad-kiad7000157-IAD, cache-fra-eddf8230022-FRA
last-modified: Fri, 14 Oct 2022 12:59:35 GMT
server: nginx
x-timer: S1667587927.674884,VS0,VE1
etag: "80082b322fa40c9cb14d70f08618cffb"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 20, 1

GET
H2 200 1cc0ee860248b9fc5bc45b61341d1702.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 42 KB
42 KB 8ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cc0ee860248b9fc5bc45b61341d1702.png
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 768a3d68f150bd74181df7153849699322b477948143a82928b649f54bfb8640

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/1cc0ee860248b9fc5bc45b61341d1702.png
age: 2641171
edge-cache-tag: 401272061756895022684103978876556082586,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 401272061756895022684103978876556082586,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, HIT, HIT, HIT, HIT
x-envoy-upstream-service-time: 305
req-referer: https://puebla.lodehoy.com.mx/
content-length: 42658
x-request-id: fb1628140d89c7fa0cab7cdb6473ca32
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kjyo7100138-IAD, cache-iad-kjyo7100041-IAD, cache-bur-kbur8200120-BUR, cache-iad-kiad7000048-IAD, cache-fra-eddf8230022-FRA
last-modified: Mon, 03 Oct 2022 17:08:26 GMT
server: nginx
x-timer: S1667587927.678514,VS0,VE1
etag: "7480bdca7043fd40d36c5cd0f807a65c"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 1, 1, 59, 1

GET
H2 200 shutterstock_617553545-2.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/ 18 KB
19 KB 103ms
102ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/shutterstock_617553545-2.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2d13663b2a3ea8ff1e44705ffe601435646ea4863d55d7d64cef51536bcf7240

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/shutterstock_617553545-2.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 548823
edge-cache-tag: 530148608078686388804271587008448907761,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 530148608078686388804271587008448907761,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 582
req-referer: https://www.nbcwashington.com/
content-length: 18686
x-request-id: 62f2204b0fe1fb679038b6f7df9b76b7
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kiad7000118-IAD, cache-iad-kiad7000164-IAD, cache-bur-kbur8200158-BUR, cache-iad-kiad7000179-IAD, cache-fra-eddf8230022-FRA
last-modified: Sat, 29 Oct 2022 00:47:48 GMT
server: nginx
x-timer: S1667587927.685200,VS0,VE94
etag: "c7a3d4311ee994e9c6820c6b95fd0a90"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 23, 0

GET
H2 200 GettyImages-1438540665.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1024%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 8 KB
8 KB 99ms
99ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1438540665.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1024%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1eab95cad832c16cecba27fe0e012dbc47dacb8bd8c4581a1d4f183decff307b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 92
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/GettyImages-1438540665.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1024%252C675
age: 94851
edge-cache-tag: 532023293686027803159113426428523627317,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 532023293686027803159113426428523627317,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 481
req-referer: https://www.nbcwashington.com/
content-length: 7886
x-request-id: 57eb5001dd266ffa06bd96984a1d0970
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by: cache-iad-kcgs7200114-IAD, cache-iad-kjyo7100056-IAD, cache-bur-kbur8200129-BUR, cache-iad-kcgs7200130-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 16:23:45 GMT
server: nginx
x-timer: S1667587927.685599,VS0,VE92
etag: "3ffadceaebc6240430f4a4c7c41d330a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 7, 0

GET
H2 200 6112cd5658f16b34d7a9aa69b9fddc72.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 28 KB
29 KB 8ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6112cd5658f16b34d7a9aa69b9fddc72.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: d1b3a4144c69f76740543e4f9d04de2cf728b906d0769eb163ee77fedafb9a46

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/6112cd5658f16b34d7a9aa69b9fddc72.jpg
age: 1301207
edge-cache-tag: 434288274088954826597025193201407680381,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 434288274088954826597025193201407680381,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 389
expiration: expiry-date="Thu, 20 Oct 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://www.leckerbacken.com/
content-length: 28688
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200157-IAD, cache-iad-kjyo7100074-IAD, cache-bur-kbur8200026-BUR, cache-iad-kcgs7200155-IAD, cache-fra-eddf8230022-FRA
last-modified: Mon, 19 Sep 2022 08:27:32 GMT
server: nginx
x-timer: S1667587927.687789,VS0,VE1
etag: "d106ce82afe32dc08f7e1ba204d17d8b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 1, 1

GET
H2 200 985137888__hi4xzDAU.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/ 7 KB
8 KB 10ms
10ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: a693714d6b33e3df746ffca1bdcff7ef5e0dc2ab4c011637e9ebdd7cb9439d70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_272%2Cw_380%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/GETTY_IMAGES/DV/985137888__hi4xzDAU.jpg
age: 302695
edge-cache-tag: 294627647531404584068419212342316804301,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
cache-tag: 294627647531404584068419212342316804301,491862125603500554501118228743896000770,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 663
req-referer: https://militarybud.com/
content-length: 7636
x-request-id: d1d81e9603bbe7288360161f653a0439
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200174-IAD, cache-iad-kiad7000032-IAD, cache-lax10628-LGB, cache-iad-kjyo7100117-IAD, cache-fra-eddf8230022-FRA
last-modified: Tue, 01 Nov 2022 05:12:01 GMT
server: nginx
x-timer: S1667587927.697616,VS0,VE1
etag: "8ee46da55e1399d86e756e837d6a0495"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 Holmdel-home-raid-catalytic-converters-w-insets.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/ 47 KB
47 KB 104ms
103ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/Holmdel-home-raid-catalytic-converters-w-insets.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 46d22855250f0ec00510d9611f49856aab85c3da4c943eaeb555198a130e2fe9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 94
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/11/Holmdel-home-raid-catalytic-converters-w-insets.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675
age: 87506
edge-cache-tag: 453373098758691562305513669474114069957,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 453373098758691562305513669474114069957,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 838
req-referer: https://www.nbcwashington.com/
content-length: 47824
x-request-id: aecfef98ed82263acbe1a3285c58383b
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb204
x-served-by: cache-iad-kcgs7200073-IAD, cache-iad-kcgs7200147-IAD, cache-bur-kbur8200093-BUR, cache-iad-kcgs7200087-IAD, cache-fra-eddf8230022-FRA
last-modified: Thu, 03 Nov 2022 18:10:53 GMT
server: nginx
x-timer: S1667587927.708307,VS0,VE94
etag: "7006e354eb53ca145559c37d0dcd055a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 19, 0

GET
H2 200 POWERBALL-1B.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/ 48 KB
48 KB 99ms
99ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/POWERBALL-1B.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1810b35a3b2b4ed88cebe1ef32adadfd5f239b826d2f207864a4017f52dfbf2e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 91
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_523%2Cw_940%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//media.nbcwashington.com/2022/10/POWERBALL-1B.jpg%3Fquality%3D85%26strip%3Dall%26fit%3D1200%252C675
age: 180840
edge-cache-tag: 511689560195562614891153945690714584765,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
cache-tag: 511689560195562614891153945690714584765,583871214053319515287197068629212291723,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: MISS, MISS, MISS, HIT, MISS
x-envoy-upstream-service-time: 856
req-referer: https://www.nbcwashington.com/
content-length: 48764
x-request-id: 5d1065bca65df2aa73313dd5dc0d1ec0
x-backend-name: CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb804
x-served-by: cache-iad-kjyo7100049-IAD, cache-iad-kjyo7100040-IAD, cache-lga21927-LGA, cache-iad-kjyo7100078-IAD, cache-fra-eddf8230022-FRA
last-modified: Mon, 31 Oct 2022 18:28:08 GMT
server: nginx
x-timer: S1667587927.766071,VS0,VE91
etag: "bbd6b66b4da5e01af6936a74ca1604a7"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 51, 0

POST
H/1.1 200
OK event Show response
nbcu.demdex.net/ 3 KB
2 KB 38ms
38ms XHR
application/json 54.76.60.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcu.demdex.net/event?d_dil_ver=9.5&_ts=1667587926599

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/a2ef59fba8e9/3ba8c6b033ff/launch-6a742ce4ddf5.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.76.60.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-76-60-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

747ce3629cffbd8a71d882029a7f2acb1c1aa3efa68838ae71001f407f152c5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

DCS: dcs-prod-irl1-1-v045-09f6df340.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: ezR0eOUMRBo=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.nbcwashington.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 976
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 s62772036625481
nbcume.sc.omtrdc.net/b/ss/nbcuotsdivisiontotal/1/JS-2.2.0-LCS4/ 43 B
347 B 23ms
22ms Image
image/gif 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://nbcume.sc.omtrdc.net/b/ss/nbcuotsdivisiontotal/1/JS-2.2.0-LCS4/s62772036625481?AQB=1&ndh=1&pf=1&t=4%2F10%2F2022%2018%3A52%3A6%205%200&mid=82384461950396243241762757879631090499&aid=31B2AFAADCACDA4F-60000F90C2C171B8&aamlh=6&ce=UTF-8&pageName=investigations%3Adetail%20content%20page&g=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&cc=USD&ch=investigations&server=nbcwashington&events=event1&c1=investigations&v1=D%3Dc1&c2=article%20-%20general&v3=D%3Dc3&v4=D%3Dc4&v5=investigations%3Adetail%20content%20page&c6=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&v6=D%3Dc6&c8=nbc&v8=D%3Dc8&c9=dc&v9=D%3Dc9&c10=WRC&v10=D%3Dc10&v12=D%3Dc12&v13=D%3Dc13&v15=D%3Dc15&v16=D%3Dc16&v17=D%3Dc17&c18=matt%20stabley&c19=false&c20=nbcuotsdivisiontotal&c21=10142961727&v21=D%3Dc21&c22=Inside%20the%20Battle%20Against%20Ransomware%20Attacks&v22=D%3Dc22&c23=article%20lead%20video%20embed&v23=D%3Dc23&c25=jodie%20fleischer%2C%20rick%20yarborough%2C%20steve%20jones&v25=D%3Dc25&v28=D%3Dc28&c29=investigations%2C%20news%2C%20local%2C%20ransomware&v29=D%3Dc29&c30=washington%20dc&c32=no%20keyword&v32=D%3Dc32&c48=desktop&c49=Inside%20the%20Battle%20Against%20Ransomware%20Attacks%20%E2%80%93%20NBC4%20Washington&v49=D%3Dc49&v54=nbcwashington&v55=investigations&c57=home%20top%20stories%2C%20local%2C%20news4%20i-team&v57=D%3Dc57&c59=feb%2004%2C%202022%2019%3A45%3A17%20pm%20est&v59=D%3Dc59&v68=D%3Dc68&c70=feb%2004%2C%202022%2017%3A49%3A44%20pm%20est&v70=D%3Dc70&c74=page%20not%20sponsored&v74=D%3Dc74&v75=D%3Dc75&v76=page%20not%20sponsored&v80=D%3Dc2&v81=10142961727&v90=ransomware&pe=ms_s&pev3=video&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=A8AB776A5245B4220A490D44%40AdobeOrg&AQE=1

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
last-modified: Sat, 05 Nov 2022 18:52:06 GMT
server: jag
etag: 3581117804817481728-4619808412052867304
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 43
x-xss-protection: 1; mode=block
expires: Thu, 03 Nov 2022 18:52:06 GMT

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A06.613&type=info&msg=Finish%20Rendering%20Right%20Rail%20Thumbnails%20-%20Fallback&llvl=2&id=3509&cv=20221102-48-RELEASE&lt=deflated&pct=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 14270

GET
H2 200 c40301bfbec9837bb83765abf5bfb64b.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_67%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ 3 KB
4 KB 8ms
8ms Image
image/webp 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_67%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: c56feace12d286075153ea5106de444475723ccb149b9afedefe5e54a77b1c9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Fri, 04 Nov 2022 18:52:06 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_67%2Cw_120%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/c40301bfbec9837bb83765abf5bfb64b.jpg
age: 810078
edge-cache-tag: 546958493222635699882515151545245029967,384546063800215356513993958895285648237,29ecf9b93bbf306179626feeda1fab70
cache-tag: 546958493222635699882515151545245029967,384546063800215356513993958895285648237,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 152
expiration: expiry-date="Thu, 17 Nov 2022 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://zlive-news.de/
content-length: 3068
x-backend-name: LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by: cache-iad-kiad7000050-IAD, cache-iad-kcgs7200112-IAD, cache-lax10652-LGB, cache-iad-kjyo7100171-IAD, cache-fra-eddf8230022-FRA
last-modified: Mon, 17 Oct 2022 12:44:32 GMT
server: nginx
x-timer: S1667587927.767693,VS0,VE1
etag: "e7fc008a143ea081be1db363a9f4f8d3"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 0, 1

GET
H2 200 n.js Show response
geo.moatads.com/ 84 B
255 B 106ms
38ms Script
text/html 52.215.141.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.moatads.com/n.js?e=35&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HQPfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-fg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=6&cm=7&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1667587926662&de=293686430143&m=0&ar=48843429bae-clean&iw=da7ecb3&q=3&cb=0&ym=0&cu=1667587926662&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=36877698%3A3078332534%3A6106303393%3A138404312194&zGSRC=1&zMoatPS=bottombox&zMoatST=-&zMoatDomain=nbcwashington.com&zMoatSubdomain=nbcwashington.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=dataAvailable&zMoatMSafety=unsafe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&id=1&ii=4&bo=124194738&bd=140065698&zMoatOrigSlicer1=124194738&zMoatOrigSlicer2=140065698&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A2422%3A2422%3A0%3A2763&tz=bottombox&iq=dataAvailable&tt=dataAvailable&tu=1&tp=unsafe&jk=-1&jm=-1&fs=200871&na=181543442&cs=0&ord=1667587926662&jv=338113772&callback=DOMlessLLDcallback_41529048
Requested by: Host: z.moatads.com
URL: https://z.moatads.com/nbcuniversal134024534264/moatad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.141.21 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-141-21.eu-west-1.compute.amazonaws.com
Software: Microsoft-IIS/6.0 /
Resource Hash: 93efa0874c0e78066882313ce513c98cd2ec3a7f6cbdd20a63d31f31a48d4779

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: max-age=900
server: Microsoft-IIS/6.0
timing-allow-origin: *
etag: "05ad2484fdbeae51a6ced812e7e7d6cfd118e031"
content-length: 84
content-type: text/html; charset=UTF-8

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7047 0
0 79ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWx1IxjelKM4_Mp9ZzZwFnM1qJNXgB7fIxnbkPIIneoWpY_W1eQeciUS1eEP6yiKrMccwakaHibzcvC4J9kOjCiR2Vhkc33zmZRw93s0xWZltn6H_QMepV_EEb5iDy9P7GaXF9nbonMbjBOPJoYZcGD0SHgB9HMnE7P30sMTEj890YB-BTJR8Drz5aWYPQ8CqIs6apZDtmJpw4XDjyUhlKc4RfHy82cOePHtLEnhBxOqMgVjvNH99NJDFJw8qVMpO69gIJHbtW2KyzFgOVWJZIqva77JxxRudsjrkxt3aLoDRu39YsYz6bM8CKGxPrOz8JN-hq7mPZEK9gDkmee2RBRMM&sai=AMfl-YRSSC4QeuZxYxcdHZOTO-nIuF8mRQ5aOOFTENXgeT4nOhnkxWsKf83-4eJlHpGiGovR4XpKpRs74-9m4Ap6tJgqxsNZ_ddGeWoIM08-_zzg3eihXFwTkbkpJU_dJTyXCw&sig=Cg0ArKJSzAwlkEKw2Z8oEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame C13B 0
0 56ms
50ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvKIWYYZVMLJWwwFk58iFJebO2EK0hN04RMHIrxbRNR8hdVxuYHavLG2ki67pHxnRxyF14HThOubdG_fQYc1t389hlhf_x2z3pew8Hf8ErO5ZdxR0G41WjZOd6GL7mZr7IjkKHmSAbTfhAbuKIGsG1KQ4c6EuJREeKbQuLCgiIfleivHU4E0CvFcZ5ZXYWH9mwgxuezyoZ6dCiPJj47WKJaL9MrlQUa6oE0NyXfdwiDCaHZWXermuuWQlFMVOtzw-Lg7yYPf3u7SpfJhavrBTtaDh63KOXaakoqWpWRShOt0mAwLo8Rgdkc7-3Rgqy8LxaoTa_A52sRYTU40nMPhr3tXcSV&sai=AMfl-YRN_FbTcXyY_VJHn5DyrARqhcq_eHnbEYHG_7Gea9EJUO13umYjLZvhPa2CUTCPNZ0DFsNTc1OqnNIQlfVVsfduLAU9k089dZ2O6Omx9ZwFzn0MmTHOMdouZ5VrBew9P74NNw&sig=Cg0ArKJSzDjIvDgyMAZnEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
455 B 158ms
30ms Image
text/plain 52.208.54.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1667587926709
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.54.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n008-dub-prod.krxd.net
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1667587926
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame D536 0
0 49ms
49ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvb1ZDtQIUJU1bteVmUq0rdeWdaRtW4Hde9ffqsQOpcsorEH8jhrHpU0-olOLT4b9OJcEnn7sx77XHFsItiO1g-6U6pRSu_zn2A4LwXFLvgIwUIbJNvbpk0S_8apjb9_KCWkLe5xiBzmdbdfalNBZmr1jNflGLWtQc4bG55jfupDMw-JiHToWqNe4jpbhGDwkPYY8IPHIok8Wbd_BkeKOfgSjK-2X2PThw1GX6ddULbujvWljUSIU41SihG8_m-i9MMts3aadGxD1BzYLTAzbf4fGK1_El-CCAfzEjKfwy2CfXDY9eEuH82F4bCKxsA8OZylOAkP1-zuiwnC7Zr4VZfreYRvROmBw&sai=AMfl-YQfTowF0pu4251Lnrc1D-iHuKO9aJWJkLD-CAcxFUxV--_Z1X-HIiGj9A2bBDtbQM1p7AVQbPy_VGCKIm_Gl1o15goVofYU45JdNMWydBp8SUcIBLREUUf1pf8E5bkOVA&sig=Cg0ArKJSzJkBVoL3vf1SEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 48ms
10ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=17&i=NBCUV2&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=6&cm=10&kq=1&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&bq=0&f=0&j=&t=1667587926745&de=855759384092&m=0&ar=48843429bae-clean&iw=da7ecb3&q=12&cb=0&ym=0&cu=1667587926745&ll=2&lm=0&ln=1&r=0&em=0&en=0&d=207061818%3A2956387664%3A5865958469%3A138377266318&zGSRC=1&zMoatPS=logo&zMoatST=-&zMoatDomain=nbcwashington.com&zMoatSubdomain=nbcwashington.com&zMoatSc=-&zMoatVp=-&zMoatRawVp=-&zMoatJS=-&zMoatDR=-&zMoatMMV_MAX=dataAvailable&zMoatMSafety=unsafe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727&zMoatDev=Desktop&zGSRS=1&gu=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&id=1&ii=4&bo=124194738&bd=140065698&zMoatOrigSlicer1=124194738&zMoatOrigSlicer2=140065698&gw=nbcuniversal134024534264&fd=1&it=500&ti=0&ih=2&pe=1%3A2422%3A2422%3A0%3A2763&tz=logo&iq=dataAvailable&tt=dataAvailable&tu=1&tp=unsafe&jk=-1&jm=-1&fs=200871&na=1598499767&cs=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
456 B 110ms
30ms Image
text/plain 52.208.54.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=JnqJS_Pa&event_type=rtg&ord=1667587926745
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.54.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n005-dub-prod.krxd.net
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=34 t=1667587926
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C3A 0
0 49ms
48ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstLAGf-9KQwA9QLl7eSxY7YmrAS0xs4TLAE9jieYanfbJcq3vHiZ4XxRKtJQSauiTrt750kQb7JDY5hMkNJXjMZa1vtc8IdmAXYqW71_VAupadRg0zEO8lwRB595wjgVsddyH86DIS6N6eYMrdXt_2OjgGA77j2fvAiEBWSGiD2oXIB_UPf7vVRV4a1R-3k31i3ZyrvXbAvpHG3HFr27qy8vCW3Kx36dhXguU_3eGnRwlNP59lOophgJprmguJqDMQiqzjgqr9-j4s83oFevrs5EGQRK-8ZhXtT1dIwst_8Rbj0WseDGrzwPuVWZKhLQYkonPXttigI5luSB1DrmoIbg2Q&sai=AMfl-YQzQb_Qy1dmOW-3Fh8jFp4yMBS4-4LuqEKi_GE00I240nJD0oViivrh_zzdtjb7OchWKdgV0RZsuvCHhVDSYwxedrEzibRTkLLF63nAUwO7ByTDHNaWa-2PzY_xBpkctA&sig=Cg0ArKJSzFN3m06fJrdzEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:06 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
DATA 200
OK truncated
/ 862 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eae77f352b46db2bbb05689f634c340e0ce7bb6fa88997258977fd8d5950c758

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 204 / Show response
nbcume.hb.omtrdc.net/ 0
39 B 103ms
103ms XHR
text/plain 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://nbcume.hb.omtrdc.net/?s:sc:rsid=nbcuotsdivisiontotal&s:sc:tracking_server=nbcume.sc.omtrdc.net&h:sc:ssl=1&s:user:aid=31B2AFAADCACDA4F-60000F90C2C171B8&s:user:mid=82384461950396243241762757879631090499&s:aam:blob=6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y&l:aam:loc_hint=6&s:sp:ovp=theplatform&s:sp:sdk=mpx-javascript-player-sdk&s:sp:channel=WRC&s:sp:player_name=An%20Inside%20Look%20At%20the%20Battle%20Against%20Ransomware%20Attacks%20%E2%80%93%20NBC4%20Washington&s:sp:hb_version=js-n-1.6.9.113-3dff70&l:sp:hb_api_lvl=4&s:event:sid=166758792659495920634&s:event:type=start&l:event:duration=0&l:event:playhead=0&l:event:ts=1667587926601&l:event:prev_ts=-1&s:asset:type=main&s:asset:name=Battling%20the%20Rise%20of%20Ransomware%20Attacks&s:asset:video_id=14654292097&s:asset:publisher=A8AB776A5245B4220A490D44%40AdobeOrg&l:asset:length=349&s:stream:type=VOD%20Clip&l:stream:bitrate=50000&l:stream:fps=29&l:stream:dropped_frames=0&l:stream:startup_time=0&s:meta:ovp=html5&s:meta:player_type=articleplayer%20lead&s:meta:network=nbc&s:meta:videomarketorigination=WRC&s:meta:videocontentsource=WEBFM&s:meta:minute=18%3A52&s:meta:hour=18%3A00&s:meta:day=Friday&s:meta:date=11%2F04%2F2022&s:meta:videotargetcontentid=10142961727&s:meta:videompxid=1999915587871&s:meta:platform=desktop&s:meta:businessunit=DC&s:meta:videopageurl=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&s:meta:continuousplay=first%20play&s:meta:videotag=investigations%2C%20ransomware-attacks&s:meta:videocollection=OTT%20Local

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/VideoHeartbeat.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-content-type-options: nosniff
server: jag
x-xss-protection: 1; mode=block

GET
H2 204 / Show response
nbcume.hb.omtrdc.net/ 0
39 B 104ms
103ms XHR
text/plain 13.36.218.177
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/video/videoHeartbeat/VideoHeartbeat.1.0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.36.218.177 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-13-36-218-177.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 04 Nov 2022 18:52:05 GMT
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-content-type-options: nosniff
server: jag
x-xss-protection: 1; mode=block

GET
H2 204 supply-feature
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22AVAILABLE%22%2C%22event_value%22%3A%22%22%2C%22event_msg%22%3A%22%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A52%3A06.892&id=4208&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 abtests
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/abtests?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22explore-more%22%2C%22type%22%3A%22header%20found%22%2C%22eventTime%22%3A1667587926901%7D&tim=18%3A52%3A06.901&id=3347&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 supply-feature
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 15ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/supply-feature?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&d=%7B%22event_type%22%3A%22EXPLORE_MORE%22%2C%22event_state%22%3A%22CLICKABLE%22%2C%22event_value%22%3A%22tblOriginalState%3A%20true%22%2C%22event_msg%22%3A%22back%20button%20enabled%2C%20history%20changed.%22%2C%22event_key%22%3A%22%22%7D&tim=18%3A52%3A06.902&id=6842&llvl=2&cv=20221102-48-RELEASE&
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 10ms
10ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2Ftpc.googlesyndication.com%2Fsimgad%2F4096433298112001959&i=NBCUV2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HQPfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-fg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&bq=0&g=0&h=60&w=120&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&id=1&ii=4&cm=10&f=0&j=&t=1667587926745&de=855759384092&cu=1667587926745&m=1667587925956&ar=48843429bae-clean&iw=da7ecb3&cb=0&ym=0&zMoatSc=1600x1200&zMoatVp=1600x1200&zMoatRawVp=1600x1200&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=9320&le=1&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A-%3A-&pe=1%3A2422%3A2422%3A0%3A2763&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=8&cd=0&ah=8&am=0&xd=00&rf=0&re=0&wb=1&cl=0&at=0&d=207061818%3A2956387664%3A5865958469%3A138377266318&bo=124194738&bd=140065698&gw=nbcuniversal134024534264&zMoatOrigSlicer1=124194738&zMoatOrigSlicer2=140065698&zMoatDomain=nbcwashington.com&zMoatSubdomain=nbcwashington.com&zMoatPS=logo&zMoatST=-&zMoatJS=3%3A-&zMoatDR=-&zMoatMMV_MAX=dataAvailable&zMoatMSafety=unsafe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727&zMoatDev=Desktop&hv=DOMSEARCH&ab=3&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jk=-1&jm=1&tz=logo&iq=dataAvailable&tt=dataAvailable&tu=1&tp=unsafe&tc=0&fs=200871&na=891629863&cs=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:06 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 130ms
10ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=meas&os=1&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 131ms
11ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=3&fi=1&apd=5&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=fv&os=1&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 131ms
11ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=203&fi=1&apd=205&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=hdn&os=1&fi2=0&div1=0&ait=100&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 132ms
13ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=8&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nbcwashington.com&L1id=207061818&L2id=2956387664&L3id=5865958469&L4id=138377266318&S1id=124194738&S2id=140065698&ord=1667587926745&r=855759384092&t=meas&os=0&fi2=0&div1=0&ait=0&bedc=1&q=1&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 108ms
13ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=199&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nbcwashington.com&L1id=207061818&L2id=2956387664&L3id=5865958469&L4id=138377266318&S1id=124194738&S2id=140065698&ord=1667587926745&r=855759384092&t=hdn&os=0&fi2=0&div1=0&ait=0&bedc=1&q=2&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 106ms
12ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=199&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nbcwashington.com&L1id=207061818&L2id=2956387664&L3id=5865958469&L4id=138377266318&S1id=124194738&S2id=140065698&ord=1667587926745&r=855759384092&t=nht&os=0&fi2=0&div1=0&ait=0&bedc=1&q=3&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
337 B 31ms
31ms Image
text/plain 52.208.54.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.54.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n010-dub-prod.krxd.net
date: Fri, 04 Nov 2022 18:52:06 GMT
cache-control: private, no-cache, no-store
x-request-time: D=91 t=1667587926
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 st Show response
imprammp.taboola.com/ Frame D327 742 B
552 B 24ms
19ms Document
text/html 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=undefined&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8956d752-f7fc-4128-a21c-f6d38bbc0cd5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-type: text/html;charset=ISO-8859-1
date: Fri, 04 Nov 2022 18:52:07 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 varnish
x-cache: MISS
x-cache-hits: 0
x-served-by: cache-fra-eddf8230022-FRA
x-timer: S1667587927.058697,VS0,VE11

GET
H2 200 sync Show response
am-match.taboola.com/ Frame B843 742 B
827 B 55ms
14ms Document
text/html 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://am-match.taboola.com/sync?dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&excid=22&docw=0&cijs=1&nlb=false
Requested by: Host: vidstat.taboola.com
URL: https://vidstat.taboola.com/lite-unit/3.9.5/UnitFeedManagerDesktop.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-type: text/html;charset=ISO-8859-1
date: Fri, 04 Nov 2022 18:52:07 GMT
machineid: 3408
server: nginx

GET
H2 200 st
am-vid-events.taboola.com/ 0
43 B 51ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-vid-events.taboola.com/st?cijs=convusmp&ttype=45&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=31589837&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&debug=pn:!sqg:!torgn:1667587922364.1!ts:1667587927050&mntl=1
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
content-length: 0
server: nginx

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame D327 43 B
183 B 327ms
104ms Image
image/gif 2600:1f18:612b:4232:669d:1752:f0d7:2482
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=undefined&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8956d752-f7fc-4128-a21c-f6d38bbc0cd5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:669d:1752:f0d7:2482 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 04 Nov 2022 18:52:07 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D327 70 B
264 B 31ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=undefined&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8956d752-f7fc-4128-a21c-f6d38bbc0cd5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame D327
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cd7b62-5c71-11ed-bffe-1a7ccaea0506&orig=video&us_privacy=1---gdpr=1&

0
98 B

75ms
13ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cd7b62-5c71-11ed-bffe-1a7ccaea0506&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: imprammp.taboola.com
URL: https://imprammp.taboola.com/st?cijs=convusmp&ttype=0&cisd=convusmp&cipid=66361655&crid=-1&dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&cmcv=&pix=undefined&cb=1667587927051&uv=3239&tms=1667587927051&abt=fuvClient1_vA!nrlc_vA!spa2_vA!t45!ufm_vE&ft=0&su=6&unm=FEED_MANAGER&aure=false&agl=1&cirid=8956d752-f7fc-4128-a21c-f6d38bbc0cd5&excid=e22lLINE_ITEM_ID_WILL_BE_HERE_ON_SERVINGc&tst=1&docw=0&cs=true&cias=1
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imprammp.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16078

Redirect headers

Date: Fri, 04 Nov 2022 18:52:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cd7b62-5c71-11ed-bffe-1a7ccaea0506&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 89
Connection: keep-alive
Content-Length: 0

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame B843 70 B
264 B 32ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?gdpr=1&ttd_pid=054f32o&us_privacy=1---&ttd_tpi=1
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 sync
taboola-supply-partners.tremorhub.com/ Frame B843 43 B
182 B 292ms
105ms Image
image/gif 2600:1f18:612b:4232:669d:1752:f0d7:2482
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://taboola-supply-partners.tremorhub.com/sync?UISTB=%3CtaboolaUserId%3E&gdpr=1&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Ftelaria-rtb-network%2F1%2Frtb-h%2F%3Fgdpr%3D1%26us_privacy%3D1---%26taboola_hm%3D%5BTVUSER_ID%5D%26orig%3Dvideo
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:669d:1752:f0d7:2482 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 04 Nov 2022 18:52:07 GMT
server: Apache-Coyote/1.1
content-type: image/gif

GET
H2

200

rtb-h Show response
sync-t1.taboola.com/sg/spotx-rtb-network/1/ Frame B843
Redirect Chain

https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync.search.spotxchange.com/partner?gdpr=1&adv_id=8532&us_privacy=1---&redir=https%3A%2F%2Fsync-t1.taboola.com%2Fsg%2Fspotx-rtb-network%2F1%2Frtb-h%3Ftaboola_hm%3D%24SPOTX_USER_ID%26orig%3D...
https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cf7d80-5c71-11ed-a0d3-16877d160106&orig=video&us_privacy=1---gdpr=1&

0
98 B

61ms
14ms

Script
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cf7d80-5c71-11ed-a0d3-16877d160106&orig=video&us_privacy=1---gdpr=1&
Requested by: Host: am-match.taboola.com
URL: https://am-match.taboola.com/sync?dast=V79vsCFgPmaIha7nB_EATmaIha7nB_EAUAAAAGBvQHJLhczUa-1WQt8808btFiMlwrLIuNW2YbeYYTi8ewMbmGQILL1WzkW03WMt_M4xYtJsO1wrLYuGW2kWc4sXgMG5NrCh_GcpkMaoGEZfb7DgrK6ekxuwyiouttsTucZs8bxNB0Onyue73u97vLLR7fw3N02n2mv92u8bv9Srvt5Tk9fQ7T02_3_JV2z9PkcouOLrfEYTqdXW6Fz-G0e05vycPu-bt9D8vLrTCdHh6v5y9Zzha7yW4vBwAAAICH____fwgAAACACAAAAAAJAAAAAIqAin8LgQsAAAAAjP___38NACgOhnPdrS-70eH6vOz-AAAAAAABAAAAIAEQeN8vAbAAyzn5_________48ZoM-8kfn___-_MegBePABeBACAAD4GEKA-osTzrv6JSq4LWIEAAAAICsafXg0qRMqi6r___9-K4ArAIAAwiH-s5ks3UGJtzAAAICBsQV6WPx-s8Ou8btd9v________9v9n_2jyZEZGaWFsQCAKD2CwgAsPYLCADApm4AAG8CcEFH0IrBYHUEMRstZwcAAABw9____68HkquRbzGYmDY203KzMKxcHotnubItB5OFY2NxWbyX-ZGxK2RiINIXIiyz33dQUE5Pj9llEBVdb4vd4TR7DuKDhmE5GQTzm7DFaDWZbJbD2XIxGQxHw9FofwMx2A1wIgbL5WSymOxWo9VoM9yNZoMFCsRgghQtGkxWo9FkMRmuRpPVbLnY7TZI0arVbLQZDFezyWy3Ww0Hw-VohBO2GK0mk81yOFsuJoPhaDgaDRHGZjaLaTRbrWWuyXItGm4sa-HEsHJrTJbJaLmYrSzO4Vr0-pgerpXLNHJtUTCgYi-Sp0U60VhcJpttN9qMNjaTbWVZLQeT0WRmWxhWvsHMsrCIJZqTRTqRXfbN1ci3GExMG5tpuVkYVi6PxbNc2ZaDycKxsbgs_trMZjGNZqu1zDVZrkXDjWUtnBhWbo3JMhktF7OVxTlci14f08O1cplGrn1jNtuthrvlZLVvzGa71XC3nKz2HTrDd_U5G3Wbs60j8-vEab_F5jAoXAaL9ycxLabd2cHz-x2dNvVLWdQZhZfv0WtQeA4e00v995mjz29NdFt7DwZFLBFcpBO5xeM3fd66y8ctul3EEqXpIp1IlrPFbrKbiCWC00U6Eb2Mp4v6jw-xG84Vs8lcMljOFZvVKgEAAAAAAAAALGHOvAkAAADAaRDLyWqwW-dBjGaz0WS1XICH3Q7dH1s_i3CekNZd6rolxeMrVsPixo8b3OLxmz5v3eXjFt2uDPCge8y8-TNBrNVqWQMAAAhgAwAABHDr5i0gzIr_____jwMAAJCRowcAAKDfB4JyoNALP3LlJ8jBaDM!&excid=22&docw=0&cijs=1&nlb=false
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://am-match.taboola.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 16078

Redirect headers

Date: Fri, 04 Nov 2022 18:52:07 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: https://sync-t1.taboola.com/sg/spotx-rtb-network/1/rtb-h?taboola_hm=c7cf7d80-5c71-11ed-a0d3-16877d160106&orig=video&us_privacy=1---gdpr=1&
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 39
Connection: keep-alive
Content-Length: 0

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=408&fi=1&apd=410&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=nht&os=1&fi2=0&div1=0&ait=305&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H2 204 event.gif
beacon.krxd.net/ 0
337 B 30ms
30ms Image
text/plain 52.208.54.255
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/event.gif?event_id=KnpkLvA_&event_type=rtg
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.54.255 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-54-255.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-served-by: beacon-n003-dub-prod.krxd.net
date: Fri, 04 Nov 2022 18:52:07 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1667587927
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 nr-1216.min.js Show response
js-agent.newrelic.com/ 38 KB
14 KB 30ms
7ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1216.min.js
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: mHHzJIqOizHibcYt0xqAszRr0gQRiNYy
content-encoding: gzip
via: 1.1 varnish
date: Fri, 04 Nov 2022 18:52:07 GMT
x-amz-request-id: 1V3R4R835K8E2R4N
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 14391
x-amz-id-2: HP18kHSqdkOhEXHj8Gkoh07DqKawr0XnlledYNcTNpTVSpWT2yHF3I0iyZS7fIjG6WPONy11JZ4=
x-served-by: cache-fra-eddf8230117-FRA
last-modified: Thu, 14 Apr 2022 16:45:57 GMT
server: AmazonS3
x-timer: S1667587927.436594,VS0,VE0
etag: "9f533d8cd24b2c5e3b4dc886ecbd43e8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 5153

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 100ms
36ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022110201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0cd930ff5dbde1fac5cb7d5ea77cb8cf6cb487353801466cf55291f05b46301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11197
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 8BFA 15 KB
6 KB 50ms
17ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.nbcwashington.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:52:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 916410
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 debug
am-trc-events.taboola.com/nbcots-wrc-tv/log/2/ 0
89 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/2/debug?tim=18%3A52%3A07.444&type=info&msg=FPO%20completed%20running&llvl=2&id=801&cv=20221102-48-RELEASE&lt=deflated&pct=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 15499

GET
H2 204 social
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 15ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&st=social-available&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A2%2C%22m%22%3A%22stp%22%7D%2C%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22player-div%22%2C%22nm%22%3A%22video%22%2C%22c%22%3A1%2C%22m%22%3A%22video%22%7D%2C%7B%22i%22%3A%22ctx%22%2C%22ism%22%3Afalse%2C%22srx%22%3A1600%2C%22sry%22%3A1200%2C%22pd%22%3Anull%2C%22tpl%22%3A%22%22%2C%22url%22%3A%22https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%22%2C%22rref%22%3A%22%22%2C%22sref%22%3A%22%22%2C%22hdl%22%3A%22Inside%20the%20Battle%20Against%20Ransomware%20Attacks%22%2C%22sec%22%3A%22investigations%22%2C%22aut%22%3A%5B%22Jodie%20Fleischer%22%2C%22Rick%20Yarborough%22%2C%22Steve%20Jones%22%5D%2C%22img%22%3A%22https%3A%2F%2Fmedia.nbcwashington.com%2F2022%2F02%2FMan-at-computer.jpg%3Fquality%3D85%26strip%3Dall%26resize%3D1200%252C675%22%2C%22v%22%3A15%2C%22pw%22%3Afalse%7D%5D%7D&tim=18%3A52%3A07.448&id=2971&llvl=2&cv=20221102-48-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 200
OK 53cef82690 Show response
bam.nr-data.net/1/ 49 B
620 B 186ms
159ms Script
text/javascript 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/53cef82690?a=189190456&v=1216.487a282&to=YVBXYBEFVkZSU00NVlgadFcXDVdbHEdLBUlGUEc%3D&rst=5092&ck=1&ref=https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/&ap=2117&be=1735&fe=5051&dc=2822&perf=%7B%22timing%22:%7B%22of%22:1667587922364,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:48,%22c%22:48,%22s%22:54,%22ce%22:70,%22rq%22:70,%22rp%22:1709,%22rpe%22:2361,%22dl%22:1715,%22di%22:2763,%22ds%22:2820,%22de%22:2822,%22dc%22:5051,%22l%22:5051,%22le%22:5060%7D,%22navigation%22:%7B%7D%7D&fp=2422&fcp=2422&at=TRdAFlkfRRkRURteQktI&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1216.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:07 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
Server: cloudflare
Transfer-Encoding: chunked
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Vary: Accept-Encoding
access-control-allow-credentials: true
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
CF-Ray: 764f8b82cc7991de-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 8BFA
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=nbcwashington.com&sn=ChromeSyncframe&so=0&topUrl=www.nbcwashington.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=XnQ0-XxFTnhnV3FoUWhqVjNwSjhHSmlQZmNWVndzZ0U3dHNoMTBNZzFEYW00ZUs3OGR5K1UvSjJvSUxBMXhiT0tCVm1nREdlMXcrMDArK3hib1ZGbkpVYlJPV2F3M3pXZWdxdnlPTE5HUm9GNnlkL0tINUIxeGMxZEN3VH...

465 B
678 B

395ms
19ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=XnQ0-XxFTnhnV3FoUWhqVjNwSjhHSmlQZmNWVndzZ0U3dHNoMTBNZzFEYW00ZUs3OGR5K1UvSjJvSUxBMXhiT0tCVm1nREdlMXcrMDArK3hib1ZGbkpVYlJPV2F3M3pXZWdxdnlPTE5HUm9GNnlkL0tINUIxeGMxZEN3VHlEWk9rTktKL0xpSi9PeTFadFBHL28wdzJIVVNibkxQMGpjbDZ1VTVTUEtRaWpRNGwrOUg4emYvM2xzNXpDZlRMUWRjVHAxMTN4SFExRVdJa0lWRlFOZDJRc05RVHVyRzBXVjY4L21ZeCs4eEw1M2F0U2JiWjFNSk9XTjNNRDhWWXJVaVd3eGlrVFNoMk5Bd2hmU09IRUR4OTB3eWNGeWZSaGZJTkM0R015NWN4aGpGRFlGST18&cppv=2

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e437c41a77ca269b115558523de118ff73f72f80c0d023785dfae03f42533ffa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2131289
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:06 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=XnQ0-XxFTnhnV3FoUWhqVjNwSjhHSmlQZmNWVndzZ0U3dHNoMTBNZzFEYW00ZUs3OGR5K1UvSjJvSUxBMXhiT0tCVm1nREdlMXcrMDArK3hib1ZGbkpVYlJPV2F3M3pXZWdxdnlPTE5HUm9GNnlkL0tINUIxeGMxZEN3VHlEWk9rTktKL0xpSi9PeTFadFBHL28wdzJIVVNibkxQMGpjbDZ1VTVTUEtRaWpRNGwrOUg4emYvM2xzNXpDZlRMUWRjVHAxMTN4SFExRVdJa0lWRlFOZDJRc05RVHVyRzBXVjY4L21ZeCs4eEw1M2F0U2JiWjFNSk9XTjNNRDhWWXJVaVd3eGlrVFNoMk5Bd2hmU09IRUR4OTB3eWNGeWZSaGZJTkM0R015NWN4aGpGRFlGST18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 526074
content-length: 0
expires: 0

POST
H2 204 bulk Show response
trc.taboola.com/nbcots-wrc-tv/log/3/ 0
249 B 25ms
25ms XHR
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/nbcots-wrc-tv/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=11
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20221102-48-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
via: 1.1 varnish
x-served-by: cache-fra-eddf8230022-FRA
server: nginx
x-timer: S1667587927.495600,VS0,VE10
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://www.nbcwashington.com
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022110201.js?cb=31070732

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9369 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2932
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:03:15 GMT
expires: Sat, 04 Nov 2023 18:03:15 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 727B 783 B
536 B 24ms
24ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3d1308d416fd779d4dcfaa91bb993b7d91a9c25558f0f1a4d8edc2bf2632568f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-weKtN5_ViYqfBl9xIYP2Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.nbcwashington.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-weKtN5_ViYqfBl9xIYP2Ow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 04 Nov 2022 18:52:07 GMT
expires: Fri, 04 Nov 2022 18:52:07 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9369 36 KB
16 KB 45ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/PTWQOrfCOp17EyrMcPeT6PfhP85_faJCCfTgkqMfTIQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 05:03:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49713
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16184
x-xss-protection: 0
last-modified: Thu, 20 Oct 2022 10:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 04 Nov 2023 05:03:34 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 727B 0
0 79ms
49ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022110201&jk=3882925225093902&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 204 social
am-trc-events.taboola.com/nbcots-wrc-tv/log/3/ 0
230 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/nbcots-wrc-tv/log/3/social?route=AM:AM:V&lti=deflated&ri=e8a9d1e34d8185b0078e6685dd1c8282&sd=v2_95d710b4cf493a0eecb39e6902a1cbeb_6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5_1667587925_1667587925_CNawjgYQnfY-GL_N8Z_EMCABKAEwODib4wlAgooQSMzK2QNQpewQWABgAGiKz_O9ts7MhmZwAA&ui=6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5&pi=2961727&wi=-3137518505971700602&pt=text&vi=1667587925695&st=social-visible&d=%7B%22data%22%3A%5B%7B%22i%22%3A%22w%22%2C%22tp%22%3A%22custom-share%22%2C%22nm%22%3A%22facebook%22%2C%22c%22%3A1%2C%22ln%22%3A%22above-fold%22%2C%22lx%22%3A929%2C%22ly%22%3A600%2C%22m%22%3A%22stp%22%2C%22v%22%3A3%7D%5D%7D&tim=18%3A52%3A07.708&id=4972&llvl=2&cv=20221102-48-RELEASE&
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9369 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?zpqUzA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

date: Fri, 04 Nov 2022 18:52:07 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 8ms
8ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=820&tet=1031&fi=1&apd=1033&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=iv&os=1&fi2=0&div1=1&ait=928&bedc=1&q=5&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C13B 42 B
64 B 82ms
52ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstOKSWB_DX0Y9Pd5M3ceWbadQKM7Fsx_XY4V4AuxpAvuqUNswqKTV60pGOKM_dh66xgrhWJ5oMdWT15Ut-PiK4sJnH19uSOmsjjQ4Lp85NBKJFwaVAdNltZxfXmWbSiMb9muifge-dHlBXvpggnWWAPGspyZNcap6JRhZyRqlGOkDT-KUOxp-WF3e6KgMggtqoCdyG1eRo1o7QULKMi0EF7Mw_HZ5Xd-E__ocbXlP5efBnwX9dkML6o8s6EzlPvOMxAF7BI7N5Yl4CJzc-iqOSB6pd0xSu4gjDC3ZHt5V1allhc5bayqlqZ4077zjdtZysJEnSKQqEHBkdgWm7feOH-05No37PFZdLk&sai=AMfl-YSHQ1jkdFS-j0euarNXCF6u25iFQfxhnFFNqABw3R2qlpJoP7s3CgfL0HR8E9v3GPV-47FqQvgNsMPTMrazpcetxDZWfH6CMgl-cRO6Ul_hv1lMjSwky7Qf0DqAho35m0IRMA&sig=Cg0ArKJSzPIs4poAz8JjEAE&id=lidar2&mcvt=1000&p=35,315,285,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20221103&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1387966979&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1667587925738&rpt=965&isd=0&lsd=0&met=mue&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:07 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ 254 B
709 B 9ms
9ms Image
image/png 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Fri, 04 Nov 2022 18:52:07 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 16127
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230022-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1667587928.892480,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 15
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 6960

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 51ms
51ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022110201&jk=3882925225093902&bg=!vL-lv_vNAAZPh4lnb4c7ACkAdvg8WouOZKtJEb3HLtGtDJ2bOw0h-UuJh64XAwrBvDS7jVPCcspa-gIAAABmUgAAAANoAQeZAqcPZSL1H3iWY3rmAvAR1wNYF9l9W7wxUEMkga2He5kpcD-RKwBSUXlLDAwQG6mUkoV7dt7WTwYMFjI-d6L-Y0oLBzxXM_RYlbOiSV3RZNsLnnJjo5RMGNJ0N3cO8A9T_rerBXbnT_2mSqe4XaYcXwIE6_ySE8rXOJ6-porBHxkqCwg6ITymJHnxpKN13QKzroIGq3IoegTuh1iUbDRjXWgid84emgkuDrokWDvGlFIJOGE3QuMHJ3VfHMRG-LQrMGUpgK6etl8ijrHaoypWMAmt0d_bu6LMrTfjRgtp39xVRSKcCUZCJIsrhkgyg_r4TgN_IkAoMmfJWGmh1aWK4XWfBbiCOAJcDTAq4DYetTXopmNUcw450KonhlAM4Uvhfw5i5g-w-NZkDN3hswQd9gtT15-hri60g0m2r7OQcf0PBJjPJWCYNmRiknB5QagpfctbixrA1xrUca-agsjYIagTHUpNleurGTUM7zp5T1NGYFYVW0Xfw10rrrGLeEst5P_gPvqJYqnQ_Sll-miE-7rP3jpBQRcDABC6Rp3bn1dC6HlG3bfySz7NBL9caT5Kk6IEnMjxLKpxRr2K57lq70NDSzSd3nvo8450c0dDee0gsYkyEqUgApcrA4G1dZpDDTVIKxoHQquJo-ijxQ7nOhfV8MWmVZnGkKtbfUhNpfcolk4qtSebeT8g9kb5u85dlJnNk4IOWSgxLySSvK9NwPLpo10862tRBrwpHn0Gd4MZSwK-Nxy8-iNZbnEpn533UR3YPbG06PZ89LoEVqlM-BAXUJt-uGyxTbbp5EFfWHpFXzpwaP3YKoWxoyuRrRaHIUa-FFaYAcxNZRMxtmO7QCuHkzJ_ZhQWesgRfKpnYITWf8xUwaCP7yvwnFt02cJsJVYeqxdcOLy4
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

GET
H2 200 sv.js Show response
nbcu.track.securedvisit.com/js/ 59 KB
24 KB 456ms
198ms Script
application/javascript 3.94.178.28
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://nbcu.track.securedvisit.com/js/sv.js?sv_cid=5998_04798&sv_origin=www.nbcwashington.com
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/investigations/inside-the-battle-against-ransomware-attacks/2961727/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.94.178.28 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-94-178-28.compute-1.amazonaws.com
Software: nginx/1.22.0 /
Resource Hash: f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:09 GMT
content-encoding: gzip
last-modified: Fri, 04 Nov 2022 18:52:09 GMT
server: nginx/1.22.0
etag: W/"273cf9801333aefc61a4f311b0692f6a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
expires: Fri, 04 Nov 2022 18:52:09 GMT

GET
H/1.1 200
OK index_2_av.m3u8 Show response
nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/ 6 KB
7 KB 9ms
8ms XHR
application/vnd.apple.mpegurl 2a02:26f0:3500:5::17d8:4d0d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/index_2_av.m3u8
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:5::17d8:4d0d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: 5977b7b835a3b98bc26c4a5b972b651e88a02f0830141fc21e1d4543f7cfb126

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:09 GMT
Server: AkamaiGHost
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: application/vnd.apple.mpegurl
Access-Control-Allow-Origin: https://www.nbcwashington.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Mime-Version: 1.0
Content-Length: 6077

GET
H/1.1 200
OK segment1_2_av.ts Show response
nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/ 2 MB
2 MB 2126ms
2126ms XHR
video/mp2t 2a02:26f0:3500:5::17d8:4d0d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/segment1_2_av.ts
Requested by: Host: www.nbcwashington.com
URL: https://www.nbcwashington.com/wp-content/themes/nbc-station/static/js/player.6.1.3.js?ver=1.0.2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a02:26f0:3500:5::17d8:4d0d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiGHost /
Resource Hash: a112d9aa3aa837ba2d7f0e61267374f8b94126b06e9a042c25760cf78b2fb5ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

Date: Fri, 04 Nov 2022 18:52:11 GMT
Server: AkamaiGHost
Access-Control-Allow-Methods: GET, HEAD, OPTIONS
Content-Type: video/MP2T
Access-Control-Allow-Origin: https://www.nbcwashington.com
Access-Control-Expose-Headers: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Mime-Version: 1.0
Content-Length: 2158428

POST
H2 202 events Show response
jssdks.mparticle.com/v3/JS/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/ 42 B
290 B 36ms
11ms Fetch
application/json 2a04:4e42::645
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://jssdks.mparticle.com/v3/JS/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/events
Requested by: Host: jssdkcdns.mparticle.com
URL: https://jssdkcdns.mparticle.com/js/v2/us1-36d67c9e4d591d4bb1bc1fa6c82ffcb9/mparticle.js?env=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::645 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Kestrel /
Resource Hash: 87c6797a5ac63c01a7e966f90eac494c3796a5a90c14fa973d2edcb1acf5aa4d

Request headers

Accept: text/plain;charset=UTF-8
Referer: https://www.nbcwashington.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-served-by: cache-fra-eddf8230135-FRA
date: Fri, 04 Nov 2022 18:52:11 GMT
content-encoding: gzip
via: 1.1 varnish
server: Kestrel
x-timer: S1667587931.123559,VS0,VE3
x-origin-name: 7arPuRjnqGEhiMyprEtnLk--F_us1_origin
x-cache: MISS
content-type: application/json
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=1&tuv=820&tet=5068&fi=1&apd=5070&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=0&d=nbcwashington.com&L1id=119401458&L2id=296852298&L3id=5943191008&L4id=138405898667&S1id=124194738&S2id=140065698&ord=1667587926709&r=463764337900&t=page5&os=1&fi2=1&div1=1&ait=4860&bedc=1&q=6&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:11 GMT

GET
H2 200 pixel.gif
nbcudisplay.s.moatpixel.com/ 43 B
260 B 7ms
7ms Image
image/gif 23.35.229.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nbcudisplay.s.moatpixel.com/pixel.gif?m=1&iv=0&tuv=-1&tet=0&fi=0&apd=5059&ui=0&uit=0&h=0&th=-1&s=0&ts=-1&bfa=1&d=nbcwashington.com&L1id=207061818&L2id=2956387664&L3id=5865958469&L4id=138377266318&S1id=124194738&S2id=140065698&ord=1667587926745&r=855759384092&t=page5&os=0&fi2=0&div1=0&ait=0&bedc=1&q=4&nu=1&ib=0&dc=1&ob=0&oh=0&lt=0&ab=0&n=1&nm=1&sp=0&pt=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-151.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:11 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:11 GMT

GET segment2_2_av.ts
nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/ 0
0

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 11ms
10ms Image
image/gif 2.19.107.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=9&q=0&hp=1&wf=1&ra=1&pxm=5&sgs=3&vb=6&kq=1&lo=0&uk=null&pk=1&wk=1&rk=1&tk=0&ak=-&i=NBCUV2&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~tM!90vv9L%24%2FoDb%2Fz(lKm3GFlNUU%2Cu%5Bh_GcS%25%5BHvLU%5B4(K%2B%7BgeFWl_%3DNqUXR%3A%3D%2BAxMn%3Ch%2CyenA8p%2FHm%24%60%233P(ry5*ZRocMp1tq%5BN%7Bq%60RP%3CG.ceFW%7CoG%22mxT%3Bwv%40V374BKm55%3D%261fp%5BoU5t(Kc%2CE%24%3D!!t*8Wi_lOfxECSR23_hFAkD%3Dv%3CN%5B.%22%24b_o%3FtVD%5D%5BpN%7CQF%40Sy7%7B%2CNr1U*%26ujMUU9%3C%24kBjqI&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=1%2C1%2C0%2C3%2C3326192205%2C1%2C4%2C0%2Cprobably%2Cprobably&rb=1-HQPfcs6wZ10QbMk%2BqjMratT%2F8IKBUGMSV3C%2FvEJM65hND7UVt69nIRrqyNQFcZFf7egP&rs=1-3wQSTAc2oUtvHw%3D%3D&sc=1&os=1-fg%3D%3D&qp=10000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7Oxib8MxOtJYHCBdm5kBhIcC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBBBj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNwxBbBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=0&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=ot%24b%5Bh%40%22oD~T_Gr1%3E%3AB%40NVt7%3BY%3EhyMmxNXJZPV8t6%3D%3Dh_GW3r4Aj!L%3E%2BbK0pH%23H&qr=0&ql=%3B%5BpwxnRd%7Dt%3Aal9EU%22y%2F.D%5B5%2F%5BGI%3Fi6%5EB61%2F%3DSqcMr1%7B%2CTu9LJJ(a.P%2B)s1(uA&qo=0&vf=1&vg=100&bq=0&g=1&h=60&w=120&hq=0&hs=0&hu=0&hr=0&ht=1&dnt=0&fy=0&gp=0&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&id=1&ii=4&cm=10&f=0&j=&t=1667587926745&de=855759384092&cu=1667587926745&m=1667587931204&ar=48843429bae-clean&iw=da7ecb3&cb=0&ym=0&zMoatSc=1600x1200&zMoatVp=1600x1200&zMoatRawVp=1600x1200&ll=2&lm=0&ln=1&r=0&dl=0&dn=0&gh=1&xx=undefined%3A875484570224&td=1&lk=undefined&lb=6623&le=1&lf=174&lg=1&lh=75&gm=1&io=1&vv=1&vw=1%3A3%3A0&vp=0&vx=0%3A0%3A-&pe=1%3A2422%3A2422%3A5060%3A2763&as=0&ag=0&an=0&gf=0&gg=0&ix=0&ic=0&aj=0&pg=0&pf=0&ib=1&cc=0&bw=0&bx=0&dj=0&aa=0&ad=0&cn=0&gk=0&gl=0&ik=0&cq=0&im=0&in=0&pd=0&em=0&en=0&st=1&su=1&of=1&oz=1&bu=5059&cd=8&ah=5059&am=8&xd=00&rf=0&re=1&wb=1&cl=0&at=0&d=207061818%3A2956387664%3A5865958469%3A138377266318&bo=124194738&bd=140065698&gw=nbcuniversal134024534264&zMoatOrigSlicer1=124194738&zMoatOrigSlicer2=140065698&zMoatDomain=nbcwashington.com&zMoatSubdomain=nbcwashington.com&zMoatPS=logo&zMoatST=-&zMoatJS=3%3A-&zMoatDR=-&zMoatMMV_MAX=dataAvailable&zMoatMSafety=unsafe&zMoatMGV_MAX=dataAvailable&zMoatMMV=dataAvailable&zMoatMGV=dataAvailable&zMoatMData=1&zMoatTag=-&zMoatSZ=-&zMoatCURL=nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727&zMoatDev=Desktop&hv=NBCUV2-google_image_div&ab=3&fd=1&kt=strict&it=500&oq=0&ot=0&ti=0&ih=2&jk=4&jm=2&tz=logo&iq=dataAvailable&tt=dataAvailable&tu=1&tp=unsafe&tc=0&fs=200871&na=1571364009&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.107.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-107-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.nbcwashington.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 04 Nov 2022 18:52:12 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Fri, 04 Nov 2022 18:52:12 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: nbclim-f.akamaihd.net
URL: https://nbclim-f.akamaihd.net/i/Prod/NBCU_LM_VMS_-_WRC/581/135/14654292097-,1080p,720p,540phigh,540plow,360p,234p,nbcstations.mp4.csmil/segment2_2_av.ts

Verdicts & Comments Add Verdict or Comment

255 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-20 11:32:19	Name: demdex Value: 82170953496966782141741408125757458049
.nbcwashington.com/	1970-01-20 16:41:55	Name: _cb Value: BFqrMjCPYzFDDCsn_t
.nbcwashington.com/	1970-01-20 16:41:55	Name: _chartbeat2 Value: .1667587925497.1667587925497.1.BP0VdvDutPJdBjJk_8BAYmmuBiXRVc.1
.nbcwashington.com/	1970-01-20 07:13:09	Name: _cb_svref Value: null
www.nbcwashington.com/	1970-01-20 15:58:43	Name: usprivacy Value: 1---
.nbcwashington.com/	1969-12-31 23:59:59	Name: AMCVS_A8AB776A5245B4220A490D44%40AdobeOrg Value: 1
.omtrdc.net/	1970-01-20 16:49:07	Name: s_vi Value: [CS]v1\|31B2AFAADCACDA4F-60000F90C2C171B8[CE]
.nbcwashington.com/	1970-01-20 16:34:43	Name: __gpi Value: UID=00000b1bdf5259d5:T=1667587925:RT=1667587925:S=ALNI_MZaoyuk8y4J5165JsE82GSTDN7qVg
www.nbcwashington.com/	1970-01-20 07:13:09	Name: _tb_sess_r Value:
.app.link/	1970-01-20 15:58:43	Name: _s Value: yd3wcl6bklnEZFDldf%2BvldQ6%2BkvidVpNUnKzfubZfOavyAcaL7sqTAxSp5fcgL%2By
.nbcwashington.com/	1970-01-20 16:49:07	Name: AMCV_A8AB776A5245B4220A490D44%40AdobeOrg Value: -2121179033%7CMCIDTS%7C19301%7CMCMID%7C82384461950396243241762757879631090499%7CMCAAMLH-1668192725%7C6%7CMCAAMB-1668192725%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1667595125s%7CNONE%7CMCAID%7C31B2AFAADCACDA4F-60000F90C2C171B8%7CvVersion%7C5.3.0
.nbcwashington.com/	1970-01-20 15:59:02	Name: s_vnc365 Value: 1699123925775%26vn%3D1
.nbcwashington.com/	1970-01-20 07:13:09	Name: s_ivc Value: true
.nbcwashington.com/	1970-01-20 07:13:09	Name: s_inv Value: 0
.nbcwashington.com/	1970-01-20 07:13:09	Name: nbcu_prepagename Value: investigations%3Adetail%20content%20page
.nbcwashington.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.doubleclick.net/	1970-01-20 16:34:43	Name: IDE Value: AHWqTUkrkmOoYSEhSUyqWda4IYJecPMI2_C_0a6FsLJ2Em9RRVhLBcKOrf1iKrdkr6M
.nbcwashington.com/	1970-01-20 15:58:43	Name: OptanonConsent Value: isIABGlobal=false&datestamp=Fri+Nov+04+2022+18%3A52%3A05+GMT%2B0000+(GMT)&version=6.32.0&hosts=&consentId=d51beb90-303f-4820-81f4-f3d7a4c6dcc0&interactionCount=0&landingPath=https%3A%2F%2Fwww.nbcwashington.com%2Finvestigations%2Finside-the-battle-against-ransomware-attacks%2F2961727%2F&groups=1%3A1%2C12%3A1%2C9%3A1%2C10%3A1%2C11%3A1%2C13%3A1%2C14%3A1%2Cdummy%3A1
.nbcwashington.com/	1970-01-20 16:34:43	Name: __gads Value: ID=992de61eacde0e68:T=1667587925:S=ALNI_MbP7255G0XIfUV44QqkVNQjDlEbsA
.dpm.demdex.net/	1970-01-20 11:32:19	Name: dpm Value: 82170953496966782141741408125757458049
.nbcwashington.com/	1970-01-20 09:37:07	Name: aam_uuid Value: 82834497628678196791789895468523223896
.yahoo.com/	1970-01-20 15:59:05	Name: A3 Value: d=AQABBFZfZWMCENNMSncjzYSbyufCd0SG5mQ&S=AQAAAtsK-Jy9f2CudkxFlgoK-r0
.demdex.net/	1970-01-20 11:32:19	Name: dextp Value: 771-1-1667587925829\|30646-1-1667587925993\|57282-1-1667587926099\|129099-1-1667587926200
www.nbcwashington.com/	1970-01-20 15:58:43	Name: trc_cookie_storage Value: taboola%2520global%253Auser-id%3D6ffb4465-f529-48c2-8b0e-cd224916eb98-tucta5ee4d5
.fwmrm.net/	1970-01-20 11:32:19	Name: _uid Value: "v2b63_7162235605374844275"
.fwmrm.net/	1970-01-20 07:56:19	Name: _cph Value: "1667587926.8320.1.1%2C"
.fwmrm.net/	1970-01-20 07:56:19	Name: _sc Value: "sg542936.1667587926.1667587926.28800.0.0%2C"
.fwmrm.net/	1970-01-20 07:56:19	Name: _wr Value: "g542936"
.fwmrm.net/	1969-12-31 23:59:59	Name: _sid Value: "v2b63_7162235605374844300"
.nbcwashington.com/	1970-01-20 07:56:19	Name: s_nr30 Value: 1667587926596-New
.nbcwashington.com/	1970-01-20 16:49:07	Name: s_tslv Value: 1667587926597
.krxd.net/	1970-01-20 07:16:00	Name: e_JnqJS_Pa^ord\|1667587926745 Value: 1667587926
.krxd.net/	1970-01-20 11:32:19	Name: _kuid_ Value: PLd-H6wT
.krxd.net/	1970-01-20 07:16:00	Name: e_JnqJS_Pa^ord\|1667587926709 Value: 1667587926
.spotxchange.com/	1970-01-20 07:53:27	Name: audience Value: c7cf7d80-5c71-11ed-a0d3-16877d160106
.criteo.com/	1970-01-20 16:34:43	Name: uid Value: 2513c6fe-93ed-439e-b011-21ce3db7f0af
.nr-data.net/	1969-12-31 23:59:59	Name: JSESSIONID Value: a557f4862bb28517
.nbcwashington.com/	1970-01-20 16:34:43	Name: cto_bundle Value: ItU7zV80eTF5TFI3Z1F4RzE2OWRVZjRVNEZ5ZVIlMkZmRzN0YUZ1U1BWQ2xBNHA3OHkyejlQalVyTnJEa0w1bnZ2JTJCV2hNZUtJV1drV2pkbWJiblklMkJkbnFUZ2hOWlV0bkFvJTJGYUFTUnlYaVBsbXVIUnlvYUprTlA4dVlmTGMxbHElMkZEcXpHTzdoMVR6NnklMkZhOXVobTRvWU00bVFDbSUyQnclMkY1JTJCeGxEMm8yWjI3TFZBU0x2WjglM0Q

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

5d4a1.v.fwmrm.net
ad.doubleclick.net
adservice.google.com
adservice.google.de
ak.sail-horizon.com
am-match.taboola.com
am-trc-events.taboola.com
am-vid-events.taboola.com
api.rlcdn.com
api2.branch.io
app.link
as-sec.casalemedia.com
assets.adobedtm.com
bam.nr-data.net
beacon.krxd.net
bidder.criteo.com
c2.taboola.com
cdn.branch.io
cdn.cookielaw.org
cdn.taboola.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
d37b9fecc705efde6d7194b5671993b6.safeframe.googlesyndication.com
data.nbcstations.com
dpm.demdex.net
ds.reson8.com
fonts.googleapis.com
geo.moatads.com
geolocation.onetrust.com
gum.criteo.com
htlb.casalemedia.com
id.sv.rkdms.com
identity.mparticle.com
images.taboola.com
imprammp.taboola.com
js-agent.newrelic.com
js-sec.indexww.com
jssdkcdns.mparticle.com
jssdks.mparticle.com
link.theplatform.com
match.adsrvr.org
mb.moatads.com
media.nbcmiami.com
media.nbcnewyork.com
media.nbcwashington.com
mid.rkdms.com
mug.criteo.com
native.sharethrough.com
nbclim-f.akamaihd.net
nbcu.demdex.net
nbcu.track.securedvisit.com
nbcudisplay.s.moatpixel.com
nbcume.hb.omtrdc.net
nbcume.sc.omtrdc.net
nbcuni.demdex.net
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.wp.com
px.moatads.com
sb.scorecardresearch.com
securepubads.g.doubleclick.net
static.chartbeat.com
static.criteo.net
stats.wp.com
sync-t1.taboola.com
sync.search.spotxchange.com
taboola-supply-partners.tremorhub.com
tpc.googlesyndication.com
trc-events.taboola.com
trc.taboola.com
vidstat.taboola.com
widget.perfectmarket.com
www.google.com
www.googletagservices.com
www.nbcwashington.com
z.moatads.com
nbclim-f.akamaihd.net
104.18.12.76
104.18.18.126
104.18.19.126
104.18.8.110
108.138.7.41
13.36.218.177
141.226.228.48
142.250.181.226
15.236.176.210
151.101.1.44
151.101.129.44
151.101.130.137
162.247.241.14
178.250.0.157
18.65.39.27
18.66.147.70
18.66.147.86
185.94.180.126
192.0.76.3
2.19.107.55
212.82.100.182
216.58.212.134
23.35.229.151
2600:1f18:612b:4232:669d:1752:f0d7:2482
2600:9000:2057:1000:18:1fcd:351:7bc1
2600:9000:2057:e000:19:9934:6a80:93a1
2600:9000:2394:9400:11:f728:3040:93a1
2606:4700:4400::ac40:929e
2606:4700::6810:9540
2a00:1450:4001:800::2001
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:810::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:4001:82b::2002
2a02:2638::1c
2a02:2638::24
2a02:2638::3
2a02:26f0:1700:1b4::507
2a02:26f0:1700:385::507
2a02:26f0:1700:494::1e80
2a02:26f0:3500:589::5ac
2a02:26f0:3500:5::17d8:4d0d
2a04:4e42:200::645
2a04:4e42::645
3.250.251.255
3.33.220.150
3.69.181.162
3.83.210.131
3.94.178.28
34.120.133.55
34.202.126.101
52.208.54.255
52.215.141.21
52.44.88.224
52.71.228.112
54.76.60.98
96.16.128.69
99.81.236.184
001ddcc6f10fe9de9074dcd3f09ca6a8a62201b8eadf585ea618c532405ad565
0176fb6f0f9d69bfd0c2456d95c2519ee24011284b5558829c047d01aa79f254
01aa9aaa378a788a278f98548ded224a6d9dc5d4b38483ef20676a52d5471901
02bbca75fdffc07306339d08b8c85f7e9bb4a95a15c3f46163cb9e578d70625d
03672d47613f5c19502577d4c8668ea0d854cee559be85dcd14207a97d806db6
03f8c5121744bda17d4fa73cd42b93d988f38aaa974e399d9468d23f87db6c87
04d439e000eb278a036c741b3a0b3ddb4b22087ff0bbb9342a6be5dc7d1ab60a
04e6fb814fccce3a0aecb83be0bc24665cf3e6a5e993f296471a63708f63e138
058531a130cd22a620b2348073c12e21691b59840f51d60f478082473b809452
05e37121df175bdbdfbc618c01958bd0c8e18974e8d25e3c16af77ae0a5c91ee
082f579d2670dd6302b31a7be61ece128710bf84b8f46b6b7208967ed883a390
08cf5f0f53253de103d4ecdc15d8f1caef5316313de073461733bd2e31bbb939
0d245890f21fc25bc4cbea250cba106e6bfe4efb98328476036597926a19f26f
0e4e46fa1aa04c24e793912d7aabaa2f2b0f7dc03d73cf74fbe12cb84f062554
0eaee4dbbf2d516be60772710cfc0c1bd3f9c8ea7e1d7bebd0e82e2ad9542356
14b37df88b378e3e31586bf1340a217571000c6b8e71d01e2989b630af19ea4c
1507a904689c100821bb8cf277ed9fd6e8efbc1d60c1d0dd917d81bddc879ec1
16a4d2cdc4527633c9c363f446a7c57c1d44f4efdd2b7565a2156a3b4f97ebe2
17562615670437f9494367698767f6466ea5f2c5ad0403d37d230db91b70ef39
1810b35a3b2b4ed88cebe1ef32adadfd5f239b826d2f207864a4017f52dfbf2e
19adad8c96fb9028c466ecab6e6ed081c2bd70cd8655a78c03e3bee6c7d9ac2e
1a4c8b6d2ae9966e21cf323b1ec200267c57a31d938ebfdc482f6d8d251c3599
1b2ec73b2924b0268466b1c99d8ea299146578492c1b84b82adc555feeeeda8e
1c0385f10843dd32739763f339511536580b52639f14646178b2ae43e3aa06c7
1cf508ea1827754ed0c523ff19fed41c6d287ef113d64f54ae839e55397db7af
1eab95cad832c16cecba27fe0e012dbc47dacb8bd8c4581a1d4f183decff307b
222117d34dd32a4b971bc241cb2639dd304de7134d5c09642626b623e649af46
2234a64fbdd5acd8549163f238955fc82dbf2a03c842e34508b4d63dfa22ced1
24d95cd21a79bf7fc2804c21ab4c78799d4e01701024bd27ba12b09250212fff
25f5cc4a39b2d6a0d908fe93f98f6f4e9b9a821a35547dd7b19504150db76f6a
271326f8d65f9a97bdd2a4bd94ee4e61645c0c27cca42424c2e536a4459be1ec
285cea5b8e3e40a96191cbb561cd074d277805bb314110dd4480d8042632f7e5
2914094344837668861f22af81d5d621d473244327722943a41dcb8d2b3b6f70
293913879d30bab7499013e935009f5183facbddd63bfc9656a859622590b80b
2d13663b2a3ea8ff1e44705ffe601435646ea4863d55d7d64cef51536bcf7240
2e9f88df02cc6433b5e0b4ff85534f5a011d3b55a85bbb1e2835b0a396af53fe
300706e57de1a7af148bd670379c4b39bb36dda8160e42d92747a3139af37816
30bcd8fa5d73028dab381818a8311cfcb32431c2e2294ee4eecedec69e017fcd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3482f7cc45e2ae96e3b6416218e9cbf4520d42ef0c4e26de90c3cc2907a737e5
358b3eb517aa9a092a9e99bdbdd77aed0d06488781101c6b7acaf40e8de4973e
35e18a403ab9bdda0eaed7c63ca5643a247d385bf255ca02ae699290e1b01080
39b076e4bb4fab9b8a142499cf6155f8c128464974691a04de7e764f71b72618
3b1044254817db82db11bf0042705a826b4428aa2c4480a5f4816da7a55b682f
3b76d48f9c6c18f5d5b03d9f69bb8c09809bbb21aa46eba9cd4c514a04b4111b
3c917803eec203f6b2d0069cb4f89f40abc555e04d4caca4fb793e40a294c5e1
3cfed0ec87e01659e8892e34f3f62997b3d8e4d0283dfa27df94220f7486a06a
3d1308d416fd779d4dcfaa91bb993b7d91a9c25558f0f1a4d8edc2bf2632568f
3d35903ab7c23a9d7b132acc70f793e8f7e13fce7f7da24209f4e092a31f4c84
3fe72f55f546ee25203b76630995cd05a77ce891f1a821bf014dac177bcb26be
40355cdae80a47f8ae8299ba472f5c5a4519a4372228fd3c701f661420c22b96
40547a1b3593bd9873e0bdb7e4840f6eb4c56b33a27f57653a55b3f708b93009
4150d571d0ad505dd6c1987a542a04e5f9676f30549aaab58be044007df0dca4
41cc6337900eece09cac31f2b023c363cd2a723245b008788a943ff03d875f6a
4332c884ec3750287d10ad254e9f86df95698154b80ca213d665e19ef970ecb9
43923a9741e5894f4547101700f7303f91a609aa76f64f63d6da0d6b1ce06702
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46d22855250f0ec00510d9611f49856aab85c3da4c943eaeb555198a130e2fe9
475229d3816b1bf42c1f13b72bea551629d24b5940b15b3320be4d7b6f74474a
48c09e6be0a5640a1c6fed123ab9ae219780afd6f2dc72834e1321e09143812e
49b9b4996d1ff0a8e3de643a0c623255bf631f298f2799b949c29de93926ee7a
49dbc44335b7244eb54541243ee9d8945072ee5b42f21d19aa50507f7f78ee78
4b91c05036678091c0030fbe505d5fd21c57fd0594ec9dee55170d01dcdd5977
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
51fccaf84a833109409acfec09e7c66755a3ba6fbc5f098a17ecba48b8ddfb1f
5228675075dfe6d3f4d7f05e182a76dae7bad18004df47a011ddf94e71a20560
533cbc352aa349da346dc9cd271bd8aa529b4fb4e40c5dd94a93d93f9ef15e8e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
589795ed37d341a3bce4b39a810cd327f55739c76b5bda587049c6fccd48154c
5977b7b835a3b98bc26c4a5b972b651e88a02f0830141fc21e1d4543f7cfb126
5a48b03ff9ad40a8a09a4c1a9561f4595b9467ba51c47488cc3c5319b100d670
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d1bc9b443f3f81fa4b4ad4634c1bb9702194c1898e3a9de0ab5e2cdc0e9f479
5dc89846fca2c8051e0c805735e48d3b31f23359dbd47f6b9c47b6ae41969236
5e47b7e4a55a0823c4933823fe45f77486f509c194d670d37432b670546d52ab
5f9b06d09687c0f2c7c194d069d62aa90618c2d6fa4a1ce28b8f1ea2a1083625
6078de6137cf8ee9c42a4a994e873c3bc0558e792cd7153a9bb814d7bde22d77
61a24d2b5c4eaadc8bee81696a4534fee8a6c43bd2b291ce52df6821ef2c7db2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6281437030356773bc45dba92c6149fa5b764b64832a5a433b3dd1a77222bd84
658c7c6c6ca3966abb8e05d4b3d6acdb4f75d31903e90d58c1bff31d581e676c
68307e0844d10272b324f7128e0fdaa14e6ed997127c84aef763450493cd96e8
6bd5068ee3f41ad2ed4f003c13c4e939021c77f7a69ac82d25211c72868b520e
6bd51f6516ca64734ce2ef387191064496952715b7fa1a0fb13591f4806e109f
6d726276ed26c9cee416eb8c7c8205d7984a3075d4507301e002a60bd64cdc90
6da2aa058bdcf08ce40a70190acccb9fa77aa7509153f0f4ac6b30273ca87de9
6f178937489e17b74f038f6140251c298d10f9d070f30ce01bd18a4915dade9f
6f973e7d75a7e6f6e59708f19631c8890034db5debb4d04f189deb53c114e708
7085f3cd641ed3383b2aefc1fca82a30ccf27818fbce4e7db66dda88e55ae25a
70b57ebe218beb815e129f1cf1bb1e159b6abab43e5bf8a6e09c381748a7820b
70b86dc042d34aef1bee12b42d8f2d18514fd0f0274ec76be78596c16ca505a2
7268811aec102a2a5629fe970de1104d0fe3c26fbd3f6aaee0a86afeb83463eb
72bded34156f752c4de5d289f6c733633167a91df316667c855056ed86392f7d
747ce3629cffbd8a71d882029a7f2acb1c1aa3efa68838ae71001f407f152c5f
748baf8cf04ae0964028f44b61896a87f1192a505281d66c4cb9f6ad5bd36ac1
74bc3815b4077f743c8c0e49b55a16f2e7ce15bcdaf8262f42cc325f34bd1be3
763d3f5f349af5e2a4b458e5486b90a5f9b78c0c2f1b2d5ad6179ccb3675aa22
768a3d68f150bd74181df7153849699322b477948143a82928b649f54bfb8640
7710e756fcf5f568d87fa8c2ee6f4e52f1d2f264554a7218946d867f3cc772e7
78fb6a6ce8170b6f508e7c8e4821323e73a5cd84a0f69da6de0d4164aa04440b
7a33482fe3d5b22877feb14ddd6ceb1a1e9d9e09ff21e85aa319f9b7ece3421d
7b5e7285786c817aa1bb66afb1d3d9b28fe82cf82f346270d2f5694f5940a3e6
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b97969857993e9fce96afdc4f34f6b63ff110e681be5acf6b55f8afb11f60
7f4f6137089c2d8b41d7c558da1be4c8d5a1974c129b763327263d70478d0723
7f5be9193f5443e364cc12cc4bcac4bd329730f890288921b41d16b0ce1b142a
7fd59f5bfbc3ab89120229392acaa6ad7424b34bffb450809a6cdcdb52d0a422
7fdca3b256a891e7750a3ef41a8cdedb3f8b1ea71c62d9aa43e68400ea95b9fc
821ba81ecabc05217edb8f1253f0f02b7cde320eec2e21858afae0ecabbf6664
8228c5284b96616b8873d2985b9c7cf4f25e38c8e40237a01a7bb80c74ab114b
82d0aae1e7b8cfc0574d6548d1f35096f5e4310321aa964ff3fdb46c4d12e302
8518882d24d5c83caa6bb6ae8f88b2f89524037f9bebc83d2f0741c5d6d1c7ea
878a2c6c7257a40f4bd4a98b8e865f1307fadd09a359b067f19049d6f096a4c3
87c6797a5ac63c01a7e966f90eac494c3796a5a90c14fa973d2edcb1acf5aa4d
87f31cded62015a1d11cce6be7a32b77405de2fb36f4b8a7c2c5a4ccabd6a403
87f9ab9b18b15d6eef1720f92841057c001a336ad922f4c037225573f967b0ad
8a02c6f980cc00d2569318f236fc58e6ae8b3863a3730c5d1785b218f676f951
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8b226c4bac8d2758f178084578562a01a0a47ae51d8d0f0e82e020df96adf31e
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edbd08b9bb87f815ad871e44aae03af609fc44b1961d608e94eff3f4e010375
92f452014c4bd081f4e3395e0423c9f5088e12f20b456f60c8b0d6b51a118127
93efa0874c0e78066882313ce513c98cd2ec3a7f6cbdd20a63d31f31a48d4779
943e812c6b9018cfca4cbac405a38934fadbd9a7b5b4c314b509de89ee5f3cf3
95d47f7bd4338712f3512dd4e2a039f8241aa9c33c2e60aef09145f5d28e89cd
9602d7d5d50bad3592475ef669f734a9cab3a11cfa9e51ad67e48f69134af727
99affd7a1c868ecf15a0789fc85e87ca23ae783e7916aee316e6282d9777369c
9b1bccefc0f9716ac6746325a5ea35e7cd1cd0e92cd2272fbbfcbf85812b3c55
9d792e3260418bfb17e3513b41a31c12ed4d0fc1ad3a2a721a568670ea8b6727
9e1fcdb893358b14ff403a9eb433bd15c052ad972d64b27728b0a15bc0c707d4
9f41f12b99ca3b53367cbb974af11d5aa9eaa6a5133bfc8816d9f885aa5d6d27
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a112d9aa3aa837ba2d7f0e61267374f8b94126b06e9a042c25760cf78b2fb5ae
a1c2721480619d6ce7aee149e499183c08f67fb34d2e5fd41daa6b67cab40442
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2b8e33b3bd7963b17d4e00a1762ecdf16a098ac11003187de037f5bde432470
a3bbc289bf959e8e83fa74f6f922f827cf7cea8596e2d87800d258c7642d6ab5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a551816438cad97982fe6ecb1d9335e3910908328bf14ab95d0584aded57fdda
a693714d6b33e3df746ffca1bdcff7ef5e0dc2ab4c011637e9ebdd7cb9439d70
a698184d62366acbed562640fe3d9fb325a76faed856f9c6a7fe9a6f809ae2ec
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a8236998816487aa6623e3626d7cd50f395e3deee0732c33b150bec3cb81f9a3
a82dc28d43942326b346f92907df3bea5e38b2325ef97176f3b6234966bf19eb
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
abb1564b7faef7ce9cc7e96e9b88d4d932d998eb6f3dfdec4048b5f60ed8e4c8
aeb779d96af4bfa1b664c203d52fbd9ef573b84a31b34314668325fc784e1b13
aebf611c1438dc7ec748e9a6364c734066b34bf2a1c7e2fc6511ed784635b50e
af0a3295076e2f957244f59533f063fffcdb2f2e427df15f13cf2943d442bbf0
b12316c521b84fe9a4d2792fb0a2c1824d0a53ad4ef4bc8969715f90033a890b
b53c06ec9b48143a0291e189f17aafeb029a1f3f99ac049888f7e9afcf427407
b8c28f685f3bcd0091a181495bdcd18416b6247659683fb6a455da1cbebe3942
ba014750573ae4b66c0c476eb1da0aa977ecb2cef297077c4ee71474c31e48eb
ba88931c67cd1b1d51233e9cc76d74b170c8fd8c1fef244978875ca9c7fb117e
bd7c00b01f969e8ac08345cd6e9c5bf609dc92de4ddf7c54f88dd78f7b549079
beb9f5e32ed61fbce010497242a9b6b8219242b5ffc636038e7891510c773725
c33e3e0759c9e6be7db9356a1530d0ea8f12df18a765706790bfd6a0a725d8e0
c56feace12d286075153ea5106de444475723ccb149b9afedefe5e54a77b1c9a
c6850b56cf391dfcf856fa0119a04d34d3d1d4b14e2c75fd5b6576623f70addc
c8ee725acb9b5e7f9b47cfe186b2fd300241912e7b2bc0e725cca2018c4d5619
c96507386689e69f6112a5d0a91ea851a260e5c023642dc374a8489271f53246
cbc67007d847bf746349ff3584a31f9aea791c80d92b746ac53f01e848edf012
cc5a824b335fb27ef0c20eb4361fdd3e6bf05d432805939e78c920a6322a1aa3
cde3f5ffe0e71a30f1bda7f4f8016e3ea750ad9b23257232b55b017b631a1792
cebf3e8225847788fe4831794866864d3dfa406b1e302a1caae64cabf840c5fc
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1b3a4144c69f76740543e4f9d04de2cf728b906d0769eb163ee77fedafb9a46
d1bff0aa938a251f6b36310a309cf3f8074ad2db89435fd0461274b2166d87b2
d224b56d2a4dca561789cbebfef8fc511047304e1f849a71cb86a343c97fad1e
d6a343d1f22a917f6cd12624a677162451fa8c0f9059b5b8abbf06eab46b793a
d907cc0c4954f89fcdaf9ae17505474d44d1ba3f279fb04c09e7a76d49b78ddf
d9d73dee2b493bdc2014177826ffc9c43e0e4d099473a051780ca5833b96f8a3
da0f0d629083c4770ec7a6055b2e238cee3d32ba033621f38e9efd3346520810
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
da8b96246cd43f76f8ac5d77f7fee9b278b454cc32f060f5720e5993afe1a812
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
dba4ff8c48e289edc2d9302d580ba5de38e9b2acbf53162c874ea7e48bdbae9b
dceda745a0fb58233a95eff6d10796026df6792cb960cdf675eb7b8a6750a2d2
dd112607a042b68ef533bf746751d7a039403ef4e35626cf44a96ddc30dfd06e
de731d31fc3dc248dbea8fc7b6e96571cc96cad021793b2e0b051326d22cf8bd
dedb8d16bcb79e6b0c1bed21f6f32493a32f09d2ace418343fbedcbbaa777313
e0a5ac83948f3e3452af42c7621ebd3076d2738a371ccde99684bf7a88b13ad0
e0cd930ff5dbde1fac5cb7d5ea77cb8cf6cb487353801466cf55291f05b46301
e103a6b639e8537db6cf4d4f45a0bdf1885ec93f9a2bc2cb9b9eac83ae8508ab
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e437c41a77ca269b115558523de118ff73f72f80c0d023785dfae03f42533ffa
e441ee295ad7b48279eedcc69697711ad1a202fe30b0ba53bbb5a224e7f3b812
e58b529d0358a268a829d1a81346ddd9b081d0936fe8ad776a9196389491e7b2
e87a1c5e24f9a7c7dcb437417f0b05b0a3c12947ce32d65c990c988a8b5ed4d7
e8b4b0aa6c6f247658c8821e74e67ed1681b80eb6417952b431b594c78ff32f5
e92d50a4e1cb80aaa74b3f334424a9640de9e7d3dc9c8e04fa4252ff045274ab
e970076927edd20deaa79b96fbfa750a66592690e2fcdebfd62ac0a12b92a664
eae77f352b46db2bbb05689f634c340e0ce7bb6fa88997258977fd8d5950c758
ec67b0d6d3e138800d3b15568885ea4255e7cebaa480422594372f73123e0242
ed1c5bbca34935ba1b5cab94520839f182612ec6a8d6093f576c3e90bb4ab4aa
edbcabfdc58a9618679956fd00041690889000a1df1eb9be40bc689bc8e28784
edecd8da0e1abb0f30524b0a3d5339600560aa021ae663eeb9e9c02df02cc6d8
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ee977fc9637c2b47a1564834a56b4638cedbef87df4d454db64889b54a2a3b57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f4461fdc5512d2915f67a2b761cfd5ce1166d1f8dd0f07a571bf31eb1c7d0855
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7022a969b9da4acd72eaa9f0f30b5e9435c18953224b0120817371c176b8106
f720d7b27752703f04681491c4d82dbff16403f35f441dac6e237830121e8d65
f8bd28fee94c800df636a486d42ed91d2df89db1fd3e223d5e89ce3d9dd107fe
f8f2c33fb7386ff63d909399b7399d9132329bb53de31fcf2d331a7f0fb4aab2
f9df1da2e337cc44e3d87a5dc93f8271933b5ee914c7046ef02e281014b6cda0
fa421b6ebbd2fb474d3a3866409ce6c1efd120b47ff256fffb8f8f50d556d3d9
faa502a8805e71a2655538e478d733fe7fd3148d5567af13fc138916990945f9
ff8b4ea3d6948ccdd813325757a7f65b7c1016332cc58eac8682ff9692d8db0d
ffe8ff80eb054f37fdc4c961a4fbf814ce86c50028f10c66679178b01fb8cfe9

www.nbcwashington.com Open in urlscan Pro 96.16.128.69 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

312 Requests

97 %HTTPS

40 %IPv6

46 Domains

76 Subdomains

60 IPs

6 Countries

6416 kBTransfer

14107 kBSize

38 Cookies

57 Outgoing links

Redirected requests

312 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 26 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.nbcwashington.com Open in urlscan Pro
96.16.128.69 Public Scan

Screenshot
Live screenshot

Full Image

312
Requests

97 %
HTTPS

40 %
IPv6

46
Domains

76
Subdomains

60
IPs

6
Countries

6416 kB
Transfer

14107 kB
Size

38
Cookies

312 HTTP transactions
26 data transactions