URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Submission: On August 12 via api from GB

Summary

This website contacted 99 IPs in 11 countries across 82 domains to perform 344 HTTP transactions. The main IP is 13.225.78.66, located in United States and belongs to AMAZON-02, US. The main domain is www.krtv.com.
TLS certificate: Issued by Amazon on February 5th 2021. Valid for: a year.
This is the only time www.krtv.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This page contains 51 frames:

Primary Page: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Frame ID: 53F7A4C6D07E00FBEF72455ED36B6A6D
Requests: 145 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • headers via /\(CloudFront\)$/i

Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Overall confidence: 100%
Detected patterns
  • script /googlesyndication\.com\//i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Overall confidence: 100%
Detected patterns
  • script /\.quantserve\.com\/quant\.js/i

Overall confidence: 100%
Detected patterns
  • html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
  • script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

  • Requests: 344
  • HTTPS: 95 %
  • IPv6: 29 %
  • Domains: 82
  • Subdomains: 139
  • IPs: 99
  • Countries: 11
  • Transfer: 4337 kB
  • Size: 12079 kB
  • Cookies: 17

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 326
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D&_test=YRSyFwADiZ7T3QAC HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRSyFwADiZ7T3QAC&gdpr=0&gdpr_consent=&_test=YRSyFwADiZ7T3QAC
Request Chain 328
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:230cd2d3-1488-4a81-8676-8e7e0612cdd8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 329
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Request Chain 330
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7280709557202271541
Request Chain 331
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_209115a7-4780-47b6-b5e2-fa15e7e1787f

344 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request, Cookie set
accenture-restores-systems-following-reported-ransomware-attack
www.krtv.com/news/national/
235 KB
63 KB
Document
General
Full URL
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
b4e3bb3288c44d1effbc6f8d234ff9254eaf981fc08a63650ea2145a0db0e3ce

Request headers

Host
www.krtv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Content-Type
text/html;charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
max-age=240
Content-Encoding
gzip
Date
Thu, 12 Aug 2021 05:30:54 GMT
Server
Apache Tomcat
Set-Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD; Path=/; HttpOnly
X-Powered-By
Brightspot
Vary
Accept-Encoding
X-Cache
Miss from cloudfront
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
LJCmQyLJ1KBUOMThFJlxvEuJJAkBGIj0GqJpwg5yfVDtbfHUwZHaHg==
All.min.d24dd0c79936bb18919e9ffa2e40e06e.gz.css
ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/
115 KB
21 KB
Stylesheet
General
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.d24dd0c79936bb18919e9ffa2e40e06e.gz.css
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ff74753c4fc2b91dda33e4656268727e261ffe843483731e1dd652451f0657be

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 15:25:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 13 Jul 2021 15:25:38 GMT
Server
AmazonS3
Age
2556317
ETag
"6ae0de3c1c51aceb2ae118ebbc85f0cf"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
21404
X-Amz-Cf-Id
G1PjtHJvzGUuQeRfDknrHBsz4z5v4lEXhILaxEQCZiEfah9umdCvGA==
scsp.js
d25dfknw9ghxs6.cloudfront.net/
134 KB
34 KB
Script
General
Full URL
https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2181:9c00:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f94366efc6314725e16b4002b1e6903913b1f6d9f5757aec611205dcd0db3596

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
D6d3wRZSpYd2caAk52T_Z3UgQuNzycNf
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 20:14:21 GMT
server
AmazonS3
age
81539
etag
W/"1315a3807c809bf51bb6f25ee163a270"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 11db54d41dc7b64f760df4a169363db2.cloudfront.net (CloudFront)
date
Wed, 11 Aug 2021 06:51:57 GMT
x-amz-cf-pop
MRS52-P2
x-amz-cf-id
-hq7FdiCnw4DXvfWbe5a5gJu9Gu1cHufr_VuhS_IzzVnRpDVa_gL4g==
otSDKStub.js
cdn.cookielaw.org/scripttemplates/
19 KB
6 KB
Script
General
Full URL
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e45f3b0dad8aa0528790a6dd6dd2831bb8547129bd1320c10fd120118f44616
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
content-md5
BC5xsXKGgJbQbCzkLNvwBQ==
age
384004
vary
Accept-Encoding
content-length
6328
x-ms-lease-status
unlocked
last-modified
Wed, 04 Aug 2021 01:49:58 GMT
server
cloudflare
etag
0x8D956EA2A6E73F4
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
c665260d-901e-001c-2bbd-8b00f1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
67d7507ddd734c7a-AMS
tsu4adm.css
use.typekit.net/
18 KB
2 KB
Stylesheet
General
Full URL
https://use.typekit.net/tsu4adm.css
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9592b27c145acee477908583cbdf62f5ce13238a120afaec8e6632e4678baccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
date
Thu, 12 Aug 2021 05:30:55 GMT
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
1697
all.css
use.fontawesome.com/releases/v5.1.0/css/
45 KB
11 KB
Stylesheet
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Origin
https://www.krtv.com
Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
br
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2803174
access-control-allow-methods
GET
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
x-amz-request-id
C6X1S77HWAQMY4S5
x-amz-id-2
XcQl//oeWRsOt8qTBbuERdwdt+kHWhh1+cC0dxb4CzlIIevSI7uEmrqUq2z8qETLfZhNHrw3tA8=
last-modified
Wed, 30 Jun 2021 15:30:31 GMT
server
cloudflare
etag
W/"826c57385f3d35cfed5478ba7b1f5c03"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9mE1Gpu1mvqck6Lbdmjz%2BP1wnhN%2B6p2DmvER5rHYzI2CkLkWELPRCdud%2F0O7bUVNgnK7mNtGlJElLKvs%2FTyO6nJHPTwQfPvUJWbiWUazcNkOiOYoZKYb1UqLYBzSnGXYCg4WXFfCC9k8OyJ7JSpd7%2F%2Bu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31556926
cf-ray
67d7507e68310d52-ARN
/
ewscripps.brightspotcdn.com/dims4/default/0616ec7/2147483647/strip/true/crop/489x133+0+0/resize/400x109!/quality/90/
12 KB
12 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/0616ec7/2147483647/strip/true/crop/489x133+0+0/resize/400x109!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff6%2Fae%2F44f35f7645f0af82bb673eb675fe%2Fkrtv-main-logo.png
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-18.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
90c902cc470819e7e9e454542d3bf7ce8a4ececad1943fd0f46ecf0424cd08fd

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Sun, 30 May 2021 03:01:46 GMT
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
6402549
ETag
9e980a95528709e08477758b78051229
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
X-Robots-Tag
nofollow
Content-Length
12194
X-Amz-Cf-Id
BPxmiyWhNwxfkBy4ZrZ_EQ4bM8023okFtiyMToHNtX-iOcicdAYQTQ==
Expires
Mon, 30 May 2022 03:01:46 GMT
Blank.gif
www.krtv.com/styleguide/assets/
57 B
473 B
Image
General
Full URL
https://www.krtv.com/styleguide/assets/Blank.gif
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.krtv.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD
Connection
keep-alive

Response headers

Date
Wed, 09 Jun 2021 15:14:34 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache-Coyote/1.1
Age
5494580
X-Cache
Hit from cloudfront
Content-Type
image/gif;charset=UTF-8
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C2
Content-Length
57
X-Amz-Cf-Id
5q2YL71vrW8jy5mWvl6CchvJZEq9l90lARYKjPpflFrYBXKaeZg3hA==
outbrain.js
widgets.outbrain.com/
183 KB
61 KB
Script
General
Full URL
https://widgets.outbrain.com/outbrain.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
ca970a739804e821a54849f66454b2306dd35d688afafb094be7082b6c973ba1

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 07:20:16 GMT
etag
W/"2dda4-l/pM8Y5TIQ+772GL8dNFCf0pmU0"
vary
Accept-Encoding
edge-cache-tag
widget-cheetah
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
x-traceid
57f0b2547832a7bd1ef745c4baf7ba2f
timing-allow-origin
*, *
content-length
62300
expires
Thu, 12 Aug 2021 09:30:55 GMT
.skimlinks.js
s.skimresources.com/js/
0
0
Script
General
Full URL
https://s.skimresources.com/js/.skimlinks.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

logo-scripps.png
assets.scrippsdigital.com/cms/images/
3 KB
4 KB
Image
General
Full URL
https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.67 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-67.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 22:45:00 GMT
Via
1.1 ba5b5e2e7fd98c4a472633bc4c1d4480.cloudfront.net (CloudFront)
Last-Modified
Mon, 23 Oct 2017 14:04:11 GMT
Server
AmazonS3
Age
24356
ETag
"f46791d665054bf21da09492d448e1d2"
X-Cache
Hit from cloudfront
x-amz-version-id
8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Connection
keep-alive
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
3532
X-Amz-Cf-Id
nOETQDOBkXZTK_hu4mfB5Qo8gEraiaSDxqpsvbti1u-7PJCFdEJdbQ==
All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/
427 KB
99 KB
Script
General
Full URL
https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-18.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08fcdd6f9b764f048f0e87f97e3d752ad6be37290960cd8982d023f258daf343

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Tue, 13 Jul 2021 15:25:39 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Tue, 13 Jul 2021 15:25:38 GMT
Server
AmazonS3
Age
2556317
ETag
"2803445d1e55d79c134cd282fb760c51"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Cache-Control
public, max-age=31536000
X-Amz-Cf-Pop
FRA2-C1
Accept-Ranges
bytes
Content-Length
100987
X-Amz-Cf-Id
DO-BQwHePf_OnxHCVgSUUmUCMPsMCjjlH3xQu0yk-OStP-fM_I97ZQ==
gtm.js
www.googletagmanager.com/
132 KB
41 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M3XW6HF
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc127490c65389fe71cc9a2dc9d694692d50ef2389143b6eca3ad6e3223ede4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42319
x-xss-protection
0
last-modified
Thu, 12 Aug 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 12 Aug 2021 05:30:55 GMT
ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
d2s8wlbatk24s7.cloudfront.net/service/js/
45 KB
15 KB
XHR
General
Full URL
https://d2s8wlbatk24s7.cloudfront.net/service/js/ff983cd0-6c28-474c-9cc4-7a5281d11e05.js
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:3e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
8aa51a5c311e967514749fe34ba1463f33792a7115be91cc4a7c351d9582f220

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 02:22:44 GMT
content-encoding
gzip
server
nginx/1.10.3 (Ubuntu)
age
11291
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
14400
cache-control
public, max-age=14400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
access-control-allow-headers
*
x-amz-cf-id
VEDvHiLArCoTVUi697_fdjsYJhgoEpuHrUkl0V0_P0OYWD2lWFsgmw==
via
1.1 2b2e2811e641703aebf776da39317b9c.cloudfront.net (CloudFront)
000000.json
cdn.cookielaw.org/consent/000000/
215 B
397 B
XHR
General
Full URL
https://cdn.cookielaw.org/consent/000000/000000.json
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:9440 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b2ea528c721f576ba4e001b5052a7d85e3baf21554eb6a7200aa613fa1823ccd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
age
380712
vary
Accept-Encoding
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/xml
access-control-allow-origin
*
x-ms-request-id
fd91feda-101e-016f-4ec4-8b3667000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=86400
x-ms-version
2009-09-19
cf-ray
67d7507f4ef37251-AMS
yi.js
sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/
211 KB
74 KB
Script
General
Full URL
https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
5677aa88ac39e3584fb6d8065b625efb3b02ef3b177ac08b7d33754566c90878

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:30:55 GMT
Content-Encoding
gzip
Server
AmazonS3
x-amz-request-id
F8EWA024Q0JTT7JF
ETag
"e4fadf5e4fbd1cb88cd39f45321dfa50"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=7686
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
yLnC17EgIu2IbTGLil2XnKqlGEUyGAl/gt5ZvoUS0BK1GGt22dI2yw+QPWPkoQYZU9MAH5ESBHo=
apstag.js
c.amazon-adsystem.com/aax2/
123 KB
33 KB
Script
General
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-44-170.mrs52.r.cloudfront.net
Software
Server /
Resource Hash
e7a1375f883984026b922acfbe7cbc0bd02effdbfbfdde9354922a6055502624

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
cdBhoWYDE8U.miXtMaq72_QdUztpgDZw
content-encoding
gzip
etag
f8520ea4ebd91256d6b4f461d472242a
age
246
x-cache
Hit from cloudfront
server
Server
x-amz-rid
1BNPRKQSE8XH5XFMD48W
date
Thu, 12 Aug 2021 05:26:49 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 4d1daf728c8f336e79bd83ec18bb8cb0.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
MRS52-P1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
mm3JdNQW7I7WL-EF50eenqTkWLDpEFae7VlCLNNy9akXqRhlLgp7uw==
bidexchange.js
contextual.media.net/
407 KB
97 KB
Script
General
Full URL
https://contextual.media.net/bidexchange.js?cid=8CU6Q6626&dn=www.krtv.com&version=4.1&https=1
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b3b50b597de335d60cf0e350ba8c9dcf253e46802253d0f8be115a32dff0408
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
server
Apache
date
Thu, 12 Aug 2021 05:30:56 GMT
vary
Accept-Encoding
x-mnet-h
E
content-type
text/javascript; charset=utf-8
cache-control
max-age=1800
expires
Thu, 12 Aug 2021 06:00:56 GMT
5776_Scripps_Local_Stations.js
ads.rubiconproject.com/prebid/
538 KB
107 KB
Script
General
Full URL
https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.19.35.65 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-35-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
2b55d3dd1d2068b741f65d275b9824b39528bfebb1e20ba4892a0a5c61d110e9

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:30:55 GMT
Content-Encoding
gzip
Last-Modified
Wed, 28 Jul 2021 20:35:27 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=8379
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
109667
Expires
Thu, 12 Aug 2021 07:50:34 GMT
p.css
p.typekit.net/
5 B
162 B
Stylesheet
General
Full URL
https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:2ae::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer
https://use.typekit.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
last-modified
Thu, 05 Nov 2020 13:49:42 GMT
server
nginx
etag
"5fa402f6-5"
content-type
text/css
access-control-allow-origin
*
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
sdk.js
connect.facebook.net/en_US/
3 KB
2 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
665af9ef2ede0924b37aaed3dd3a36b04fc5d2c9b5e933299ae2a29ed27d9155
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
N26vT4HhZLLMaMe31N9oKw==
cross-origin-resource-policy
cross-origin
expires
Thu, 12 Aug 2021 05:33:31 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
1687
x-fb-rlafr
0
x-fb-debug
MSe/bHnnQO60q8hAFnkpKhaBMviuZF3lX/60ZNT8q7i+w6HzF/DcvaNiwtMdfXzaynSnHl6oLmmXbbIAVEGclw==
x-fb-trip-id
1709462857
x-fb-content-md5
9f482e0ed8440916656e4877a98bfb4d
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Thu, 12 Aug 2021 05:30:55 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"e6f55f6cdd76d805072cfe1c794441f1"
timing-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/
58 KB
59 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Origin
https://www.krtv.com
Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1935
cf-ray
67d7507fdbf30d52-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
59572
x-amz-id-2
u/isRoKPBRzRNlip8CgLzg8GqEZu6w5p6mMuJwqq+7eAHLVCFm4oXr5YVDjnL3fUktqI5CrDVZ8=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"18d2347ab2a9f40ca2247cdb03303d84"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lc2wUaPQNoMZW0ehphaJH4dV3mDPhd8Kq1EsbTAwX6%2BWXZAU%2Ft01DzCV9dWLrXZOf%2B0LaJ8trM%2B5wQHykkm7h2lB1xUV%2Ba5mqHFgUDJ8WeZGKjLQATWQuzsQ9%2BNTjRQ89edym1ohO%2Bsd9rpVcRst6X7T"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
HWJ1PYHHHVTMVFN1
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/d45b9a/000000000000000077359577/30/
33 KB
33 KB
Font
General
Full URL
https://use.typekit.net/af/d45b9a/000000000000000077359577/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
e75d314fab0c1fb09c90b1ee7051ca57bd554017c874d96d113356b28ba57928

Request headers

Origin
https://www.krtv.com
Referer
https://use.typekit.net/tsu4adm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
server
nginx
etag
"f806d2fcac6bea1cced8320378bba8659e3a95e8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
33364
l
use.typekit.net/af/199a3f/00000000000000007735955e/30/
20 KB
20 KB
Font
General
Full URL
https://use.typekit.net/af/199a3f/00000000000000007735955e/30/l?subset_id=2&fvd=n8&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c105e92e6d74d51c6452e1a43eebcfc303d88f98aed8c41c8c63b26f5793adca

Request headers

Origin
https://www.krtv.com
Referer
https://use.typekit.net/tsu4adm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
server
nginx
etag
"4d63fb8d8caf8ff8476cf83b11ee093a28942062"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
20160
l
use.typekit.net/af/98e3f6/000000000000000077359562/30/
33 KB
34 KB
Font
General
Full URL
https://use.typekit.net/af/98e3f6/000000000000000077359562/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
2418ec657ce8bb25dee8ddb0ac29cb2379a43b4f115b653ef974d3c9fc52e649

Request headers

Origin
https://www.krtv.com
Referer
https://use.typekit.net/tsu4adm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
server
nginx
etag
"27cd5d037b3d5bcc152de6c7fe0aa3098a381c24"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
34152
fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/
62 KB
63 KB
Font
General
Full URL
https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:4e07 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Origin
https://www.krtv.com
Referer
https://use.fontawesome.com/releases/v5.1.0/css/all.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
access-control-allow-methods
GET
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1935
cf-ray
67d7507fdbf80d52-ARN
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length
63376
x-amz-id-2
fSO+Bv2nSvOzuqJLNDsJGHVbG05xr154MARZO0k7TSZyCV7vbwNhdoemDGetSfgrBAE5OEUajVE=
last-modified
Wed, 30 Jun 2021 15:30:49 GMT
server
cloudflare
etag
"f319eac1c755f9929fd856720ce1695e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age
3000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j%2B1ksC%2BQuaOemfG5vXvn1JVkmjT4tdSfyRHZ4lgLkBhKkO%2BKHLJKZKl1MuyWV5XH98HmDDbmFG%2BAw4dTqTbC%2Bpd9Pmj4sPho2ji8qFJYom7RS8VqxTG0PA2DPbDu2jakEYSZSw5ukDe1B9V%2FgeNX9IWb"}],"group":"cf-nel","max_age":604800}
x-amz-request-id
HWJCD9966GNDW07H
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
content-type
font/woff2
l
use.typekit.net/af/6cc429/00000000000000007735957a/30/
35 KB
35 KB
Font
General
Full URL
https://use.typekit.net/af/6cc429/00000000000000007735957a/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
b0e29423b61fdebc4ed8d19a3d8c453ba15c15e6179d55b70a2770b2ddfabeda

Request headers

Origin
https://www.krtv.com
Referer
https://use.typekit.net/tsu4adm.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
server
nginx
etag
"e32f2e1468d1ab6c324774fe08a8c96298c1ca86"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
35428
p.js
cdn.parsely.com/keys/krtv.com/
66 KB
23 KB
Script
General
Full URL
https://cdn.parsely.com/keys/krtv.com/p.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.254.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-254-59.mrs52.r.cloudfront.net
Software
nginx /
Resource Hash
54a0343a97a9a8aa61a47abc9a313208d2e46da82c1c367e7d3a58d7c29b1f30

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
gzip
last-modified
Tue, 02 Feb 2021 21:20:35 GMT
server
nginx
x-amz-cf-pop
MRS52-P2
etag
W/"6019c223-1070d"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e0bdf334d52930321c517cf8d37af32e.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
Zt1CUlRDl5SHdA4wueuqx2S1khuSLo_p5CZq6tumWr0Y58C1IbWAXQ==
expires
Fri, 13 Aug 2021 02:51:44 GMT
connatix.playspace.dc.js
cds.connatix.com/p/126004/ Frame B15F
Redirect Chain
  • https://cd.connatix.com/connatix.playspace.js
  • https://cds.connatix.com/p/126004/connatix.playspace.dc.js
1 MB
233 KB
Script
General
Full URL
https://cds.connatix.com/p/126004/connatix.playspace.dc.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7e394b958e395a75d071e997ea19587d9f3c795189f10ea59ac145af052039ba

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
br
last-modified
Mon, 09 Aug 2021 18:27:54 GMT
age
161083
etag
"72ae6fd0c0d1f5064599b5340fe438e7"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
238672

Redirect headers

location
https://cds.connatix.com/p/126004/connatix.playspace.dc.js
date
Thu, 12 Aug 2021 05:30:55 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
age
0
accept-ranges
bytes
content-length
0
retry-after
0
/
ewscripps.brightspotcdn.com/dims4/default/f201dca/2147483647/strip/true/crop/6720x3780+0+350/resize/1280x720!/quality/90/
113 KB
113 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/f201dca/2147483647/strip/true/crop/6720x3780+0+350/resize/1280x720!/quality/90/?url=https%3A%2F%2Fewscripps.brightspotcdn.com%2Fe5%2Ff7%2F42baa3f7459188609cbff0a0f941%2Fap21183856825157.jpg
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-18.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
59dbf94902b840941928e4a105a7735cf7004fede4db8d8f05ddaad42fb9bdbf

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 11 Aug 2021 20:24:45 GMT
Via
1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
32770
ETag
1f16fffcb62151c1ac26696edae37a3a
X-Cache
Hit from cloudfront
Content-Type
image/jpeg
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
X-Robots-Tag
nofollow
Content-Length
115423
X-Amz-Cf-Id
88b7q6WA5Ou5JgFuCNOQJr7GAIrjE-ZS7MNeTEc5T9hZ-AFUx1kN2A==
Expires
Thu, 11 Aug 2022 20:24:45 GMT
/
ewscripps.brightspotcdn.com/dims4/default/6b2e69d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/
188 KB
188 KB
Image
General
Full URL
https://ewscripps.brightspotcdn.com/dims4/default/6b2e69d/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F41%2F31%2F0ea9ef674896849b2d0a0665ca97%2Fkrtvott-480x360.png
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-18.fra2.r.cloudfront.net
Software
Apache /
Resource Hash
bb052f15833736c0fa25ff211b6059c74d575ad96edadfd8ab81e9bf45abafaa

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 01 Jul 2021 14:31:05 GMT
Via
1.1 adb1b226e6965f6206603ba087bd4a0a.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache
Age
3596390
ETag
94a7f8b65bad281cd91b671fdb12fe7b
X-Cache
Hit from cloudfront
Content-Type
image/png
Edge-Control
downstream-ttl=31536000
Cache-Control
max-age=31536000, public
X-Amz-Cf-Pop
FRA2-C1
X-Robots-Tag
nofollow
Content-Length
192111
X-Amz-Cf-Id
J8vXlICgn9PeSdxu6YHCc7VbsWYbfFsPuQZqJEwpMOIAa7zAKFomfQ==
Expires
Fri, 01 Jul 2022 14:31:05 GMT
sdk.js
connect.facebook.net/en_US/
230 KB
67 KB
Script
General
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=2ece56952e597a74e7405e7cf7099970
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f045:10:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ce3a22a2879492cce202147e0b9c804168cfca918f0e22c56f698a2ae86fc6f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Origin
https://www.krtv.com
Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
OHIrp6of3450cX8JQFBP7A==
cross-origin-resource-policy
cross-origin
expires
Fri, 12 Aug 2022 04:33:58 GMT
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
68274
x-fb-rlafr
0
x-fb-debug
PXPDpfIDkn4Wcv4SZdTZ9cxPwDHxfS14pOB7h9DoYGw0sqCA7/oZ1Lo2D3PY3qGkABnDHeHx76lNt3divy53UQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
x-fb-content-md5
e5bc7b6ddddcbf7650177fa987ce65c9
cross-origin-opener-policy
same-origin-allow-popups
date
Thu, 12 Aug 2021 05:30:55 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"acb6c4c243ec155b8ac4ee4fb4187d6f"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
analytics.js
www.google-analytics.com/
48 KB
19 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3XW6HF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e61660c659c426e45bce2937dddb01af6b550502a2904546575c1ec2ba1121dd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Jul 2021 18:24:06 GMT
server
Golfe2
age
1034
date
Thu, 12 Aug 2021 05:13:41 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19672
expires
Thu, 12 Aug 2021 07:13:41 GMT
activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%...
4394967.fls.doubleclick.net/ Frame 844C
Redirect Chain
  • https://4394967.fls.doubleclick.net/activityi;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20system...
  • https://4394967.fls.doubleclick.net/activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20Worl...
668 B
507 B
Document
General
Full URL
https://4394967.fls.doubleclick.net/activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3XW6HF
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
cafe /
Resource Hash
5c41ce85ab80f4262a27a648688e43af509e8a17dcec23f43afd61d2df3bcda4
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
4394967.fls.doubleclick.net
:scheme
https
:path
/activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
about:blank

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 12 Aug 2021 05:30:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
strict-transport-security
max-age=21600
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
482
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Thu, 12-Aug-2021 05:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 12 Aug 2021 05:30:55 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
follow-only-when-prerender-shown
1
strict-transport-security
max-age=21600
location
https://4394967.fls.doubleclick.net/activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack?
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
beacon.js
sb.scorecardresearch.com/
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:24:11 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
713
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
FNbCojBbw6XZHukCQV107CevtPcgj3nYgLh6zXWaBnNzKFYmjrxckg==
quant.js
secure.quantserve.com/
24 KB
9 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
95b17ad661699c049d42195b8ccd1d855045a1fcfbd20d8609a6d87fa5703810

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
gzip
etag
"lp772EpWKwf8Kq7YKMhbuw=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Thu, 19 Aug 2021 05:30:55 GMT
activityi;register_conversion=1;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%...
4394967.fls.doubleclick.net/
0
0
Image
General
Full URL
https://4394967.fls.doubleclick.net/activityi;register_conversion=1;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack?
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.230 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f6.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

load_tags.js
pymx5.com/scripts/
9 KB
9 KB
Script
General
Full URL
https://pymx5.com/scripts/load_tags.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M3XW6HF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.203.93 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
93.203.227.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
492f490d3a8cae053f8ab9f525210cfcd792987a02d65783aa81ce4edf926fa2

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 04:39:22 GMT
age
3093
x-guploader-uploadid
ADPycdtbjoKPoFw-gJ8_fRJ3FsoBybvplQTuqGinoQbD-uxOf6wnzmmv0oZ1k_q26gOG0kiqfuYbGBVLn4E37V_TNSKylKKEOw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
clear
content-length
8946
last-modified
Mon, 30 Nov 2020 10:13:10 GMT
server
UploadServer
etag
"f6b06694767e707999eecbe9538b403a"
x-goog-hash
crc32c=xz4nKQ==, md5=9rBmlHZ+cHmZ7svpU4tAOg==
x-goog-generation
1606731190093338
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
8946
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 12 Aug 2021 05:39:22 GMT
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
882 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:00:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
age
1805
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
expires
Thu, 12 Aug 2021 06:00:50 GMT
config
c.amazon-adsystem.com/cdn/prod/
0
302 B
XHR
General
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-44-170.mrs52.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
via
1.1 4d1daf728c8f336e79bd83ec18bb8cb0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MRS52-P1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.krtv.com
cache-control
max-age=86087, s-maxage=86400
access-control-allow-credentials
true
x-amz-cf-id
JNeaEHlN0_CIQqK2FMW0jZa7BwZNdY1wADZQSqYcgBhJoA8EHXMB5g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/
6 KB
3 KB
XHR
General
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-44-170.mrs52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
UwMoja_wiYmXZ_L.v58hX8_8XzeYFzV9
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
x-amz-cf-pop
MRS52-P1
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Thu, 01 Jul 2021 22:05:10 GMT
server
AmazonS3
date
Thu, 12 Aug 2021 05:30:55 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 70c565ac15f71f0aa26aecd3763d4108.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-id
Lqg2NCBPPjSxHyeA7-iYvkrWP53ebXfyfrjIhgzSBn4fxbHfCyKr5g==
collect
stats.g.doubleclick.net/j/
1 B
85 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-10036014-7&cid=1106780276.1628746255&jid=1429372781&gjid=1946537468&_gid=1564097119.1628746255&_u=aGBAgAAjAAAAAE~&z=1997651627
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 12 Aug 2021 05:30:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-40066851-1&cid=1106780276.1628746255&jid=2027750223&gjid=1868557664&_gid=1564097119.1628746255&_u=aGDAiAAjBAAAAE~&z=1832892149
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 12 Aug 2021 05:30:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/
1 B
67 B
XHR
General
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j92&tid=UA-29521121-4&cid=1106780276.1628746255&jid=938736000&gjid=465479790&_gid=1564097119.1628746255&_u=aGDAiAAjBAAAAE~&z=521179750
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c1b::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 12 Aug 2021 05:30:55 GMT
content-type
text/plain
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=341697297&t=pageview&_s=1&dl=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ul=en-us&de=UTF-8&dt=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgAAj~&jid=1429372781&gjid=1946537468&cid=1106780276.1628746255&tid=UA-10036014-7&_gid=1564097119.1628746255&gtm=2wg8b0M3XW6HF&cd20=2039&cd21=Scripps%20National&cd22=&cd23=U.S.%20and%20the%20World&cd24=U.S.%20and%20the%20World&cd25=false&cd26=&cd30=&cd31=true&cd34=false&z=1315147770
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 18:52:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38335
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=341697297&t=pageview&_s=1&dl=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ul=en-us&de=UTF-8&dt=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=2027750223&gjid=1868557664&cid=1106780276.1628746255&tid=UA-40066851-1&_gid=1564097119.1628746255&gtm=2wg8b0M3XW6HF&cd20=2039&cd21=Scripps%20National&cd22=&cd23=U.S.%20and%20the%20World&cd24=U.S.%20and%20the%20World&cd25=false&cd26=&cd30=&cd31=true&cd34=false&z=180823476
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 18:52:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38335
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j92&a=341697297&t=pageview&_s=1&dl=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ul=en-us&de=UTF-8&dt=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiAAjBAAAAE~&jid=938736000&gjid=465479790&cid=1106780276.1628746255&tid=UA-29521121-4&_gid=1564097119.1628746255&gtm=2wg8b0M3XW6HF&cd20=2039&cd21=Scripps%20National&cd22=&cd23=U.S.%20and%20the%20World&cd24=U.S.%20and%20the%20World&cd25=false&cd26=&cd30=&cd31=true&z=1672938076
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Aug 2021 18:52:00 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
38335
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
rules-p-cfh7-Kj7hw4Cs.js
rules.quantcount.com/
1 KB
1 KB
Script
General
Full URL
https://rules.quantcount.com/rules-p-cfh7-Kj7hw4Cs.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:f200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f2dcd9cd8327f9a74903074baf5a2af793df8d8a706c220e2ab4516e775596eb

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 04:41:40 GMT
content-encoding
gzip
age
2998
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Wed, 30 Aug 2017 16:19:22 GMT
server
AmazonS3
etag
W/"021b7e04f30cea21812673c831b1b679"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 3ffec0ecfde687fb371812ad42f5cfc2.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
AMS1-C1
x-amz-cf-id
3LKl-wb5e3yp-Ou3Whm5oM_hAtv-WmLAO21WaSbq1J975HyEyQVncA==
put.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 735F
416 B
798 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
4f3b933077b738b503f7543ffc82fa0a061f0fe7d0ff1470865fde561a324bcc

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/put.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"c0311cf15c21ddda054005e92fad3f9e:1628667696.08352"
last-modified
Wed, 11 Aug 2021 07:19:55 GMT
server
AkamaiNetStorage
content-length
416
cache-control
max-age=345600
date
Thu, 12 Aug 2021 05:30:55 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628746255~rv=48~id=295674b61a97f5b3f4386eae4574ec00; path=/; Expires=Thu, 12 Aug 2021 05:30:55 GMT; Secure; SameSite=None
d3d3LmtydHYuY29t
tcheck.outbrainimg.com/tcheck/check/
15 B
462 B
XHR
General
Full URL
https://tcheck.outbrainimg.com/tcheck/check/d3d3LmtydHYuY29t
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:30:55 GMT
ETag
W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age
43200
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=26870
Access-Control-Allow-Credentials
false
Connection
keep-alive
X-TraceId
56a296f26e2d053b26137d69c8c3fbbb
Content-Length
15
Expires
Thu, 12 Aug 2021 12:58:45 GMT
/
api.ewscloud.com/prod/scheduler/v1/com.krtv/schedules/current/ Frame
0
0
Preflight
General
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.krtv/schedules/current/?type=web
Protocol
H2
Server
52.84.45.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-26.mrs52.r.cloudfront.net
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
GET
Access-Control-Request-Headers
authorization
Origin
https://www.krtv.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

content-type
application/json
content-length
0
date
Thu, 12 Aug 2021 05:30:55 GMT
x-amzn-requestid
6b41c07a-38fa-4ec3-9cc0-cb7afc3bb70c
access-control-allow-origin
*
access-control-allow-headers
Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
x-amz-apigw-id
D8DChHJzIAMFUiA=
access-control-allow-methods
GET,OPTIONS
x-amzn-trace-id
Root=1-6114b20f-0672cae04ce6fcc004aec02f
x-cache
Miss from cloudfront
via
1.1 54ba4737103cb6263e414e602fbbe752.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
x-amz-cf-id
QmKTHjO0dlkdWEEuiUBOmBl4n8nsctUuN4cjttwX14L7yZkOr9JTkQ==
Cookie set weather
www.krtv.com/
70 KB
70 KB
Fetch
General
Full URL
https://www.krtv.com/weather?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
df5d11692cde87d55a9418a593b1c7e5f28e0956a883f3f9fa89c481c0d3a934

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.krtv.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD; _gcl_au=1.1.1047019986.1628746255; _ga=GA1.2.1106780276.1628746255; _gid=GA1.2.1564097119.1628746255; _dc_gtm_UA-10036014-7=1; _dc_gtm_UA-40066851-1=1; _dc_gtm_UA-29521121-4=1
Connection
keep-alive
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:28:07 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Server
Apache Tomcat
Cache-Control
max-age=240
Age
167
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Set-Cookie
JSESSIONID=8D1719116DBA77150A220249F7698707; Path=/; HttpOnly
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
-dQdhpJfW3DdbGjDXhBHo7UpjOqrIoaLT-EVf5nCV7fApjGMG8k6ZA==
Cookie set breaking-news-alerts
www.krtv.com/
63 KB
63 KB
Fetch
General
Full URL
https://www.krtv.com/breaking-news-alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
4cb0164cdc62dd7241cccf4f447b52b8f122a9381fc86c3e3404fabbb7bec34a

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.krtv.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD; _gcl_au=1.1.1047019986.1628746255; _ga=GA1.2.1106780276.1628746255; _gid=GA1.2.1564097119.1628746255; _dc_gtm_UA-10036014-7=1; _dc_gtm_UA-40066851-1=1; _dc_gtm_UA-29521121-4=1
Connection
keep-alive
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:29:53 GMT
Via
1.1 a32f966fc5896281eb3de44fd8f57d40.cloudfront.net (CloudFront)
Server
Apache Tomcat
Cache-Control
max-age=240
Age
61
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Set-Cookie
JSESSIONID=21DB5A67AE12C4BE3484B89F497E0EA6; Path=/; HttpOnly
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
h3DejXh_6aeQNcsnWt0GkdSjjvjHkoZJynyZFZYJZwiOiQkUq_e6VA==
Cookie set alerts
www.krtv.com/weather/
59 KB
60 KB
Fetch
General
Full URL
https://www.krtv.com/weather/alerts?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
ce2a1377e9be924867757f46c64a9e6d2ac1935cec1c365164d19f2ebfd67b5f

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.krtv.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD; _gcl_au=1.1.1047019986.1628746255; _ga=GA1.2.1106780276.1628746255; _gid=GA1.2.1564097119.1628746255; _dc_gtm_UA-10036014-7=1; _dc_gtm_UA-40066851-1=1; _dc_gtm_UA-29521121-4=1
Connection
keep-alive
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:29:54 GMT
Via
1.1 27f665df26bde4a7226480b4a2890ff9.cloudfront.net (CloudFront)
Server
Apache Tomcat
Cache-Control
max-age=240
Age
61
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Content-Type
application/json;charset=UTF-8
Set-Cookie
JSESSIONID=EB32C9A87E0ADF7396D4FE98531F2592; Path=/; HttpOnly
Connection
keep-alive
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
C-Z0Brz8di967IZWJoY5m-lTP9OUBKcicMDbt_l4-dimeVcfCsmmnQ==
school-closings-delays
www.krtv.com/weather/
56 KB
57 KB
Fetch
General
Full URL
https://www.krtv.com/weather/school-closings-delays?_renderer=json
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-66.fra2.r.cloudfront.net
Software
Apache Tomcat / Brightspot
Resource Hash
8dd721a21437ba0442c069f8ddd5e40589a3684c6ce93327bbc0d5254fbec4ed

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
www.krtv.com
Accept-Language
en-US
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
empty
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Cookie
JSESSIONID=3C8186E5DE25A9741B15F0DBA678D3AD; _gcl_au=1.1.1047019986.1628746255; _ga=GA1.2.1106780276.1628746255; _gid=GA1.2.1564097119.1628746255; _dc_gtm_UA-10036014-7=1; _dc_gtm_UA-40066851-1=1; _dc_gtm_UA-29521121-4=1
Connection
keep-alive
Referer
https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:29:54 GMT
Via
1.1 96c1c36adc76f99239fd3220e5be7e6a.cloudfront.net (CloudFront)
Connection
keep-alive
Server
Apache Tomcat
Age
61
X-Powered-By
Brightspot
Transfer-Encoding
chunked
X-Cache
Error from cloudfront
Content-Type
application/json;charset=UTF-8
Cache-Control
max-age=240
X-Amz-Cf-Pop
FRA2-C2
X-Robots-Tag
nofollow
X-Amz-Cf-Id
KbyZSxEqSP5oQ-EZnC3C2DeDBKudxHNordNVvBoCukcNfECKwTer6w==
/
api.ewscloud.com/prod/scheduler/v1/com.krtv/schedules/current/
4 KB
4 KB
Fetch
General
Full URL
https://api.ewscloud.com/prod/scheduler/v1/com.krtv/schedules/current/?type=web
Requested by
Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.26 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-26.mrs52.r.cloudfront.net
Software
/
Resource Hash
6189faedf95ece8384bb7c38c5b297d05e347323d1a771e7b68f69656a7571f8

Request headers

Authorization
Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
via
1.1 54ba4737103cb6263e414e602fbbe752.cloudfront.net (CloudFront)
x-amz-cf-pop
MRS52-P1
x-amzn-requestid
d0d6c957-f06a-4da4-a6e6-2865c34ef555
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
x-amzn-trace-id
Root=1-6114b210-6ccedc535c20d61f0036857f
x-amz-apigw-id
D8DClHVNoAMFSXA=
content-length
3746
x-amz-cf-id
fFQlNWz2t7j3N6JKFHvRrbnzteZxEiZwEe-YnWTou8OgIPVPbd7R6g==
px.gif
widget-pixels.outbrain.com/widget/detect/
43 B
451 B
Image
General
Full URL
https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1&rn=10.8167100229054
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
last-modified
Wed, 30 Sep 2020 14:22:29 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods
GET,POST
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
43
expires
Sat, 11 Sep 2021 05:30:55 GMT
v2
mb.moatads.com/yi/
307 B
482 B
Script
General
Full URL
https://mb.moatads.com/yi/v2?ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-shc9GZ%2BZ4OBI7PZR7NeP1dVlogBIfVcrVAZRAnlp9pAdeA81EcR7fkgw&sc=1&os=1-qg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=(Gm%2B%5Eh%3A)jA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&pcode=crackedscrippsdfpprebidheader262014341684&callback=MoatNadoAllJsonpRequest_51587396
Requested by
Host: sejs.moatads.com
URL: https://sejs.moatads.com/crackedscrippsdfpprebidheader262014341684/yi.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.179.78.10 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-179-78-10.eu-west-2.compute.amazonaws.com
Software
TornadoServer/4.5.3 /
Resource Hash
26f24f5485d38cd92cc0615d5a9e2d667173e3dd035b0bbbd05938c562e5d5c1

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
cache-control
max-age=900
server
TornadoServer/4.5.3
timing-allow-origin
*
etag
"ef81981048d430f31c2da124afbdfacecb4be4e4"
content-length
307
content-type
text/html; charset=UTF-8
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&t=1628746255601&de=573800968911&d=CRACKED_SCRIPPS_DFP_PREBID_HEADER1%3ADesktop%3A-%3A-&i=YIELD_INTELLIGENCE_INTERNAL1&sgs=5&ar=4790001-clean&iw=40ef2d8&zMoatRendered=0&zMoatSlotTargetingLoaded=0&zMoatSlotTargetingSet=0&zMoatPageDataTargetingSet=0&zMoatSafetyTargetingSet=0&zMoatEmptySlot=0&zMoatNadoDataLoadTime=Not%20Loaded&zMoatAllDataLoadTime=Not%20Loaded&bo=krtv.com&bd=krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ac=1&bq=11&f=0&na=1003261519&cs=0
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:55 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:55 GMT
pixel;r=731939830;labels=Cracked.Article%20Title.Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%...
pixel.quantserve.com/
35 B
371 B
Image
General
Full URL
https://pixel.quantserve.com/pixel;r=731939830;labels=Cracked.Article%20Title.Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;rf=0;a=p-cfh7-Kj7hw4Cs;url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack;uht=2;fpan=1;fpa=P0-558986191-1628746255664;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=eccc2c00-20210811224039;cm=;gdpr=0;ref=;d=krtv.com;je=0;sr=1600x1200x24;dst=1;et=1628746255663;tzo=-120;ogl=title.Accenture%20restores%20systems%20following%20reported%20ransomware%20attack%2Curl.https%3A%2F%2Fwww%252Ekrtv%252Ecom%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported%2Cimage.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Ff49ca25%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Aurl.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Ff49ca25%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Asecure_url.https%3A%2F%2Fewscripps%252Ebrightspotcdn%252Ecom%2Fdims4%2Fdefault%2Ff49ca25%2F2147483647%2Fstrip%2Ftrue%2F%2Cimage%3Awidth.1200%2Cimage%3Aheight.630%2Cimage%3Atype.image%2Fpng%2Cimage%3Aalt.Data%20Services%20Cyberattack%2Cdescription.Accenture%20says%20its%20systems%20are%20back%20up%20a%20running%20following%20a%20ransomware%20attack%252E%2Csite_name.KRTV%2Ctype.article%2Cdescription.Accenture%20says%20its%20systems%20are%20back%20up%20a%20running%20following%20a%20ransomware%20attack%252E
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:55 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6036471&ns__t=1628746255673&ns_c=UTF-8&cv=3.5&c8=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&c7=https%3A%2F%2Fwww.krtv.com...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1628746255673&ns_c=UTF-8&cv=3.5&c8=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&c7=https%3A%2F%2Fwww.krtv.co...
64 B
327 B
Image
General
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1628746255673&ns_c=UTF-8&cv=3.5&c8=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&c7=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&c9=
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
J4vAPOmgUrrTef2uBimLbN4d6sdOnWB00S_de5eBjrea6UVHAateiQ==

Redirect headers

date
Thu, 12 Aug 2021 05:30:55 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6036471&ns__t=1628746255673&ns_c=UTF-8&cv=3.5&c8=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack&c7=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&c9=
content-length
308
x-amz-cf-id
u1sLQAJY35R5r-XoBSugy54-97OPT1VQE_5EJ0KLvG86ktfaoQ2hJg==
clear.png
static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/
2 KB
3 KB
Image
General
Full URL
https://static.ewscloud.com/weathercenter/prod/static/weathericons/nighttime/clear.png
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:bc00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2878c06eaa36809d2bf556a97ac803fa0870241e075817b5310e9b0410cc66d4

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
.HbbaRWpPdhGeJRB7rl_25yBf846TA3R
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
last-modified
Tue, 04 May 2021 14:04:23 GMT
server
AmazonS3
age
118
etag
"fc75b0aa31f555c7c7e2145d8789524c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=86400
date
Thu, 12 Aug 2021 05:29:51 GMT
x-amz-replication-status
COMPLETED
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
2382
x-amz-cf-id
5C2sUe5hnVjFLNuzZuwxKh3ELMMLXAKhwufG6XvCdRQtWbPkHQT0tQ==
/
p1.parsely.com/plogger/
43 B
259 B
Image
General
Full URL
https://p1.parsely.com/plogger/?rand=1628746255690&plid=25126775&idsite=krtv.com&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&sref=&sts=1628746255683&slts=0&title=Accenture+restores+systems+following+reported+ransomware+attack&date=Thu+Aug+12+2021+07%3A30%3A55+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=33548196&u=pid%3D09c81f702306ab799c27fc78496e749a
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-205-167-202.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Cache-Control
no-cache
Last-Modified
Thursday, 12-Aug-2021 05:30:56 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
load_optional_tags
api.pymx5.com/v1/sites/
0
719 B
Script
General
Full URL
https://api.pymx5.com/v1/sites/load_optional_tags
Requested by
Host: pymx5.com
URL: https://pymx5.com/scripts/load_tags.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.74.203 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
203.74.96.34.bc.googleusercontent.com
Software
nginx/1.13.7 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
via
1.1 google
server
nginx/1.13.7
x-frame-options
SAMEORIGIN
allow
GET, HEAD, OPTIONS
content-type
text/html; charset=utf-8
alt-svc
clear
content-length
0
connatix.playspace.css
cds.connatix.com/p/126004/
95 KB
13 KB
Stylesheet
General
Full URL
https://cds.connatix.com/p/126004/connatix.playspace.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60748fdd53c96d1eca2671628730f0a745d86d8223bc86f1d77d9b691920d8f9

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:55 GMT
content-encoding
br
last-modified
Mon, 09 Aug 2021 18:27:54 GMT
age
161082
etag
"2d5d1c3d89cc4965db765c1c8754e68e"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
13297
test.html
widgets.outbrain.com/nanoWidget/externals/cookie/ Frame 735F
610 B
992 B
Document
General
Full URL
https://widgets.outbrain.com/nanoWidget/externals/cookie/test.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
6139e1fc0d3709eebbe2b18510cf24361b9f8a538c3529a73c282bafe6c78474

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/nanoWidget/externals/cookie/test.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
thirdparty=yes
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://widgets.outbrain.com/nanoWidget/externals/cookie/put.html

Response headers

accept-ranges
bytes
content-type
text/html
etag
"48053d50141031b1511dbd30f9a31288:1628667696.827271"
last-modified
Wed, 11 Aug 2021 07:19:55 GMT
server
AkamaiNetStorage
content-length
610
cache-control
max-age=345600
date
Thu, 12 Aug 2021 05:30:55 GMT
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628746255~rv=31~id=4d4109d670ff5587628897c2ddc802b0; path=/; Expires=Thu, 12 Aug 2021 05:30:55 GMT; Secure; SameSite=None
dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20followin...
adservice.google.com/ddm/fls/i/ Frame EABA
667 B
714 B
Document
General
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: 4394967.fls.doubleclick.net
URL: https://4394967.fls.doubleclick.net/activityi;dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b809664efa1a4bf3f8e5e39cadeb294cdc3cba6c6e3b501d2965bf6ce7162bef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.com
:scheme
https
:path
/ddm/fls/i/dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://4394967.fls.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://4394967.fls.doubleclick.net/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 12 Aug 2021 05:30:55 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
pragma
no-cache
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
481
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
placement_invocation
ob.cheqzone.com/
50 KB
19 KB
Script
General
Full URL
https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.45.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-45-81.mrs52.r.cloudfront.net
Software
/
Resource Hash
5e0aeb27ad5ec940a7b1049848d9ac96fcc00a34653745b7796d695f9f25f508

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 11 Aug 2021 21:22:48 GMT
content-encoding
gzip
cheq_headers_order
Content-Type Cache-Control Expires Etag Content-Length Content-Encoding Date Connection
age
29287
etag
"c62f-zfp6hy/A0Hu4xWYKZo/YBOKVxgM"
x-cache
Hit from cloudfront
content-type
text/javascript; charset=utf-8
via
1.1 dc3ba3079f46dad6613a8162e38ac6d1.cloudfront.net (CloudFront)
cache-control
max-age=43200
x-amz-cf-pop
MRS52-P1
content-length
19216
x-amz-cf-id
6UKLrVZZA6f2HN5HpUIdj0yQeLUNR0QNl_NK1ID8NBDUoa_o2ewHZg==
expires
Thu, 12 Aug 2021 09:22:48 GMT
story
capi.connatix.com/core/ Frame B15F
2 KB
1 KB
XHR
General
Full URL
https://capi.connatix.com/core/story?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
0e188644d0ee61c4f8d1630a46fbdbf0b8f9f6dff789fb98fa30e985fa8143c0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
1106
dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20followin...
adservice.google.de/ddm/fls/i/ Frame B1B1
194 B
931 B
Document
General
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
adservice.google.de
:scheme
https
:path
/ddm/fls/i/dc_pre=CK789M_gqvICFZPQ1QodAQwGqw;src=4394967;type=wftx;cat=pc_tt0;ord=8460480683144;gtm=2wg8b0;auiddc=1047019986.1628746255;u1=U.S.%20and%20the%20World;u2=Accenture%20restores%20systems%20following%20reported%20ransomware%20attack;ps=1;~oref=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://adservice.google.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://adservice.google.com/

Response headers

p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
date
Thu, 12 Aug 2021 05:30:55 GMT
expires
Thu, 12 Aug 2021 05:30:55 GMT
cache-control
private, max-age=0
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
177
x-xss-protection
0
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
gpt.js
securepubads.g.doubleclick.net/tag/js/
71 KB
25 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
03ec76fca8eea3040fd2d7c8feb79f412d256c3efa56f1703187544109c6ab5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"956 / 10 of 1000 / last-modified: 1628719812"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25183
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:56 GMT
show_pla
obs.cheqzone.com/
3 KB
2 KB
Script
General
Full URL
https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=03620979203605010265958036096985845020099251767902218379581928721607&nc=0&tsf=0&tsfmi=&pv=0&cb=1628746256149&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=2826626440&at=&bid=e30%3D&di=...&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A1807%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=hKqSjgOPz5&sdd=%7B%7D&pto=1540
Requested by
Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
63833d74b6bdc529965ae967e77df9569c0a3e691140ab5638a26e529c7555f5

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
content-type
text/javascript
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Set-Cookie Content-Type Cache-Control Pragma Expires Content-Length Content-Encoding Date Connection
content-length
1582
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_2021080901.js
securepubads.g.doubleclick.net/gpt/
330 KB
115 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
sffe /
Resource Hash
ee42c91f297eb0f204bf184600c3194d54e6908830639db14e37b5b158ea0ee7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 09 Aug 2021 08:37:52 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, immutable, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117636
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:56 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/
124 B
119 B
XHR
General
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.krtv.com
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
c3d5307e98b5782dbd6185b174503328853b41ac59c1afa89a0803ae30fe7cfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
94
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:56 GMT
log
hblg.media.net/
35 B
194 B
Image
General
Full URL
https://hblg.media.net/log?logid=kfk&evtid=flog&itype=HB&abte=SSP_CLIENT&adbd=0&adt=desktop&cid=8CU6Q6626&ct=WARSAW&cc=PL&ugd=4&app=0&pht=1200&pid=8PRL4E7N3&dn=krtv.com&servname=ssp-serving-96599896c-5mcsj&sd=1&svr=080513_276_080513_246_ssp&sc=&version=4&vh=1200&vw=1600&vsid=&vid=00001628746256220032612948489599&sspAbBucket=CONTROL&npa=0&lw=1&dapp=green&rtype=&lbr=0&itypeid=1&mnkv=&pabte=&floc_id=&floc_ver=&gdpr_enf=1&csex=0&gdfstr=Y-N&gdpr=1&csstr=&tcf_cmp=&tcf_status=&tcf_prp=&suc=0&usp_enf=1&usp_status=0&usp_ldf=&usp_string=&ufca=-1&coppa_status=&coppa_applied=&gfundl=700&gtd=&inid=&ngfundl=1000&rdl=700&id_details=&a=0&r=209&lper=1&pc=&requrl=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&kwrf=
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Jetty(9.4.35.v20201120) /
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
server
Jetty(9.4.35.v20201120)
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Thu, 12 Aug 2021 05:30:56 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628746256318&sessionId=4fa771f6-83b0-2790-cceb-e74a59cd7ec5&url=www.krtv.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
bf191e8523c92b58654c2a42cca673fb
Content-Length
4
Expires
0
get
odb.outbrain.com/utils/
27 KB
7 KB
Script
General
Full URL
https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&idx=0&rand=98131&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=4fa771f6-83b0-2790-cceb-e74a59cd7ec5&fdu=www.krtv.com&px=325&py=1807&vpd=607&cw=610&settings=true&recs=true&version=2000411&sig=0WtneniW&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ef8420787a590b66f273a31b81974a10422ec45818a3517b954e5322e6e6fa84

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, FRA, Europe1
x-cache
MISS, MISS
p3p
policyref="http://www.outbrain.com/w3c/p3p.xml",CP="NOI NID CURa DEVa TAIa PSAa PSDa OUR IND UNI"
backend-ip
157.52.117.74
x-cache-hits
0, 0
x-traceid
ccfc1c27263560b080670811b96d272c
content-encoding
gzip
content-length
6396
x-served-by
cache-lga21974-LGA, cache-fra19183-FRA
x-timer
S1628746256.436665,VS0,VE229
vary
Accept-Encoding, User-Agent
content-type
text/javascript; charset=UTF-8
accept-ranges
bytes
expires
Thu, 01 Jan 1970 00:00:00 GMT
show_companion_ad.js
pagead2.googlesyndication.com/pagead/
14 KB
6 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_companion_ad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7313b1057f6543d7eb7acaa080be92b436473884cc71a5b0bdf5ece0d5e0aa4d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:13:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1073
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5950
x-xss-protection
0
server
cafe
etag
3337145904970783249
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Thu, 12 Aug 2021 06:13:03 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
369 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&pid=xxT7UZuUGhpeg&cb=0&ws=1600x1200&v=7.67.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-44-170.mrs52.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
via
1.1 4d1daf728c8f336e79bd83ec18bb8cb0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MRS52-P1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krtv.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
uqXlfUwvNm47DT8NlIWhjCPECDs3v5FbU2klQxu0RLHlp59peXcojg==
imp
g2.gumgum.com/hbid/
496 B
987 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=oei8ag5f&pi=3&si=112971&bf=728x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ns=9421
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
5911eba3c91531aaa709b04de95cc385b974a1e4e90ecf51db7e22eb8a7d49d0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.krtv.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/
496 B
985 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=oei8ag5f&pi=3&si=112970&bf=300x600%2C300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ns=9421
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b23f778c2a41524161fad6ea39aacf3e56bbed4c58d5c1f325266c1c250958f4

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.krtv.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v2
e.serverbid.com/api/
711 B
982 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krtv.com
date
Thu, 12 Aug 2021 05:30:56 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
arj
ewscripps-d.openx.net/w/1.0/
172 B
355 B
XHR
General
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=e9ef77c3-3a78-46a9-ba3a-9f3bed4c32aa%2C60f2bc2d-51dc-49c3-85f6-8408e7203c57&nocache=1628746256377&pubcid=c5dd7890-a104-4582-a979-e18129248296&aus=728x90%7C300x600%2C300x250&divids=MAD_INVIEW%2CMAD_RIGHT_RAIL&aucs=%252F6088%252Fssp.krtv%252Finview-bottom%2C%252F6088%252Fssp.krtv%252Fnews%252Fnational%252Fdetail&auid=544041458%2C544041455
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
c4393bab8e3cbe1ab454d4c9bfb26d278bf18ca9912531399b5d3d410c2fffc4

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.krtv.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
472 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b628785af0038&pos=8a969c0301797961d75b6291459e005f&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
83dc4b47b1406a1a8ea9e95686012f7d3b8ebf5e4dc440115de2434dc0ff8586

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
bidRequest
c2shb.ssp.yahoo.com/
62 B
472 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b628785af0038&pos=8a9691c501797961dc1a6291419a0055&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
4fbd1abb85a4ddc9515263b7855a65dfffd0ee76b017bee71fc80e6c892ec422

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
fastlane.json
fastlane.rubiconproject.com/a/api/
482 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=1953942%3B1953940&size_id=2%3B15&alt_size_ids=%3B10&eid_pubcid.org=c5dd7890-a104-4582-a979-e18129248296%5E1&rf=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&tg_i.aupname=%2F6088%2Fssp.krtv%26mad_inview%3B%2F6088%2Fssp.krtv%26mad_right_rail&tg_i.dfp_ad_unit_code=6088%2Fssp.krtv%2Finview-bottom%3B6088%2Fssp.krtv%2Fnews%2Fnational%2Fdetail&tg_i.pbadslot=6088%2Fssp.krtv%2Finview-bottom%3B6088%2Fssp.krtv%2Fnews%2Fnational%2Fdetail&tk_flint=dmpbjs_v4.43.0&x_source.tid=e9ef77c3-3a78-46a9-ba3a-9f3bed4c32aa%3B60f2bc2d-51dc-49c3-85f6-8408e7203c57&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.6848416505287238
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9d3992f423374028889f884d242a5f52547df37181b5025b9c2257dd417b7f72

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.krtv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
482
Expires
Wed, 17 Sep 1975 21:32:10 GMT
hb
ssc.33across.com/api/v1/
66 B
365 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=aJeyQEByqr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
78e45f1a9d79569ee363be655966b191f468f9243485353670fb4362b53eaaf8

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krtv.com
access-control-allow-credentials
true
hb
ssc.33across.com/api/v1/
66 B
342 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=aFPcv0Byqr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
08da225adb5b49c6c83324eebfaf2636b92d58e902ed5d7314c4768ae957b433

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krtv.com
access-control-allow-credentials
true
auction
tlx.3lift.com/header/
19 B
507 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&tmax=2000
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.154.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-154-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
x-auction-status
12, 12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
prebid
ib.adnxs.com/ut/v3/
19 B
694 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
964a09f4-6632-41a8-9723-dc763f44a195
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.krtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/
23 B
369 B
XHR
General
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&pid=xxT7UZuUGhpeg&cb=1&ws=1600x1200&v=7.67.00&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INLINE%22%2C%22s%22%3A%5B%22300x250%22%5D%7D%2C%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&cfgv=0&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.84.44.170 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-84-44-170.mrs52.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
via
1.1 4d1daf728c8f336e79bd83ec18bb8cb0.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
MRS52-P1
vary
User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.krtv.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
g8yDE12-stoTlxg0LxJOF8HM3PKEYwZBiIkBrgaGDxauzKCbE5psig==
auction
tlx.3lift.com/header/
19 B
491 B
XHR
General
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=4.43.0&referrer=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&tmax=2000
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.154.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-154-195.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
x-auction-status
12
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
ssc.33across.com/api/v1/
66 B
342 B
XHR
General
Full URL
https://ssc.33across.com/api/v1/hb?guid=azIy8WByqr67OuaKj0P0Le
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.110.21 Crown Point, United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-110.static.steadfastdns.net
Software
/ 33Across
Resource Hash
6a04a424227ba1d1982d9236e175dddf86e7ce93aff79fde4ca9bcabc709f650

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
status
200 OK
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.krtv.com
access-control-allow-credentials
true
imp
g2.gumgum.com/hbid/
496 B
986 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?pubId=13797&pi=3&si=217103&bf=300x250&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ns=9421
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
ddf5fc36a558109eb7bc393a2cb5ea939c7fd40a39cc703bed0a23f5dd76325f

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.krtv.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
imp
g2.gumgum.com/hbid/
496 B
987 B
XHR
General
Full URL
https://g2.gumgum.com/hbid/imp?t=oei8ag5f&pi=3&si=112968&bf=970x250%2C728x90%2C970x90&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%2C%22pbv%22%3A%224.43.0%22%7D&ogu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ns=9421
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.122.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-122-11.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
c1ea91d083eed7e91dbc621a9e14331c182d7e85df17322c5e787f2e60337330

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
nginx
timing-allow-origin
*
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://www.krtv.com
cache-control
private, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
expires
0
v2
e.serverbid.com/api/
711 B
982 B
XHR
General
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
1385a4f55db1166435032cd0c1d542629ccc77f520fb0d3702e1d2da2f514a24

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.krtv.com
date
Thu, 12 Aug 2021 05:30:56 GMT
access-control-allow-credentials
true
content-length
711
vary
Origin
content-type
application/json
prebid
ib.adnxs.com/ut/v3/
19 B
694 B
XHR
General
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8581d6e7-fc5f-4bd0-ab03-b1d46b2a26cf
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://www.krtv.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
arj
ewscripps-d.openx.net/w/1.0/
172 B
557 B
XHR
General
Full URL
https://ewscripps-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=59c31570-8992-4b3a-b3ab-21ff5c6050ca&nocache=1628746256406&pubcid=c5dd7890-a104-4582-a979-e18129248296&aus=970x250%2C728x90%2C970x90&divids=MAD_HEADER&aucs=%252F6088%252Fssp.krtv%252Fnews%252Fnational%252Fdetail&auid=544041449
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
0d52ad67d89c86e0123addae1ebe00d234c624062b85a12de2504bc0731f2bd8

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
server
OXGW/16.213.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.krtv.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
clear
content-length
163
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/
500 B
3 KB
XHR
General
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=5776&site_id=361740&zone_id=2090274%3B1953936&size_id=15%3B2&alt_size_ids=%3B55%2C57&eid_pubcid.org=c5dd7890-a104-4582-a979-e18129248296%5E1&rf=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&tg_i.aupname=%2F6088%2Fssp.krtv%26mad_inline%3B%2F6088%2Fssp.krtv%26mad_header&tg_i.dfp_ad_unit_code=6088%2Fssp.krtv%2Fnews%2Fnational%2Fdetail&tg_i.pbadslot=6088%2Fssp.krtv%2Fnews%2Fnational%2Fdetail&tk_flint=dmpbjs_v4.43.0&x_source.tid=b63ac22a-5044-4d38-855a-3a3d5f717ab7%3B59c31570-8992-4b3a-b3ab-21ff5c6050ca&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=2&rand=0.12064936516174618
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.144.140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
b45f731b0db4a8fa2a358bfde1bf33b1947c1805c7799ed35dad399f36d57e66

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://www.krtv.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Keep-Alive
timeout=5
Content-Length
500
Expires
Wed, 17 Sep 1975 21:32:10 GMT
bidRequest
c2shb.ssp.yahoo.com/
62 B
472 B
XHR
General
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a969c0301797961d75b628785af0038&pos=8a969c0301797961d75b62924f9e00b1&cmd=bid&secure=1
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/7.1.2.128 /
Resource Hash
92815a3668e47d2eddf36d55a6822a2567ceee248fe54e263b369277e76026ed

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Server
ATS/7.1.2.128
Age
0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST,GET,HEAD,OPTIONS
Content-Type
application/json;charset=utf-8
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
62
blockedDomains_3.bin
lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/ Frame B15F
54 B
316 B
XHR
General
Full URL
https://lit.connatix.com/08d73d33-9bb5-9b21-f035-1721d593115a/blockedDomains_3.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e87e082f0cd8c67e281641290266747af1638390bb86573db02e43ee9faae667

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
fastly-restarts
1
last-modified
Mon, 21 Jun 2021 21:16:16 GMT
age
4434060
etag
"5248073488c33d1429a8387fe5bf6cda"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
63
sr
capi.connatix.com/tr/ Frame B15F
0
293 B
XHR
General
Full URL
https://capi.connatix.com/tr/sr?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
04b4eb51-404a-43eb-a5fa-b19965df25d0.bin
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/ Frame B15F
7 KB
2 KB
XHR
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/04b4eb51-404a-43eb-a5fa-b19965df25d0.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6a756a7522276c72ecdb8d2ed7c6869260750c8f93b1d56ab6b11417f7264bc4

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
last-modified
Thu, 12 Aug 2021 03:18:44 GMT
age
7850
etag
"f27f0b4cfa5053078b39011ed6a4a290"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET, HEAD
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
content-length
1322
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame B15F
341 KB
118 KB
Script
General
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d6d3b9f8e0313f53a32160e14ffb19c80aa84fc2534b3d4acdfe8880059d83f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120564
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:56 GMT
dwce_cheq_events
log.outbrainimg.com/loggerServices/
4 B
325 B
XHR
General
Full URL
https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1628746256506&sessionId=4fa771f6-83b0-2790-cceb-e74a59cd7ec5&url=www.krtv.com&cheqSource=1&cheqEvent=2&responseTime=688
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:56 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
50bcd69e95a2e825c4c637f21ef3ad86
Content-Length
4
Expires
0
imp.gif
obs.cheqzone.com/tracker/
43 B
135 B
Image
General
Full URL
https://obs.cheqzone.com/tracker/imp.gif?e=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&cb=1628746256506&cri=hKqSjgOPz5
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2600:1f18:e8a:cd02:882c:d916:bae1:7722 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:56 GMT
cache-control
no-cache, no-store, must-revalidate
cheq_headers_order
Cache-Control Pragma Expires Content-Type Date Connection Content-Length
content-type
image/gif
content-length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.474.0_en.html
imasdk.googleapis.com/js/core/ Frame D723
579 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.474.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194966
date
Wed, 11 Aug 2021 09:18:39 GMT
expires
Thu, 11 Aug 2022 09:18:39 GMT
last-modified
Mon, 09 Aug 2021 21:33:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame B15F
44 KB
17 KB
Script
General
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:56 GMT
bridge3.474.0_en.html
imasdk.googleapis.com/js/core/ Frame CD28
579 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.474.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194966
date
Wed, 11 Aug 2021 09:18:39 GMT
expires
Thu, 11 Aug 2022 09:18:39 GMT
last-modified
Mon, 09 Aug 2021 21:33:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
bridge3.474.0_en.html
imasdk.googleapis.com/js/core/ Frame 56FB
579 KB
190 KB
Document
General
Full URL
https://imasdk.googleapis.com/js/core/bridge3.474.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d64b05fc43fc4c439d6d5f3b9e81f9bbb182b04c146dd8847f5723907600f79d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
imasdk.googleapis.com
:scheme
https
:path
/js/core/bridge3.474.0_en.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
194966
date
Wed, 11 Aug 2021 09:18:39 GMT
expires
Thu, 11 Aug 2022 09:18:39 GMT
last-modified
Mon, 09 Aug 2021 21:33:13 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
72737
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 05AB
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 12 Aug 2021 05:44:59 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 70F3
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 12 Aug 2021 05:44:59 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C007
36 KB
12 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 04:44:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2757
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12603
x-xss-protection
0
last-modified
Mon, 14 Dec 2020 16:45:56 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Thu, 12 Aug 2021 05:44:59 GMT
ob_smartFeedLogo.min.svg
widgets.outbrain.com/images/widgetIcons/
7 KB
7 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/ob_smartFeedLogo.min.svg
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
8050f05c230d74be333b63cef230e786094e9100f55fa19c6c0831e95870768d

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
last-modified
Thu, 24 Jun 2021 14:35:21 GMT
server
AkamaiNetStorage
etag
"f370d19306add072a726e7f4ade8dc57:1624546051.286567"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
7090
expires
Sat, 11 Sep 2021 05:30:56 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/
3 KB
3 KB
Image
General
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
last-modified
Thu, 24 Jun 2021 14:35:21 GMT
server
AkamaiNetStorage
etag
"9d26fa4e7238ed94f1d0d92afb453b3e:1624546014.914244"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
2735
expires
Sat, 11 Sep 2021 05:30:56 GMT
l
mcdp-nydc1.outbrain.com/
2 B
292 B
Fetch
General
Full URL
https://mcdp-nydc1.outbrain.com/l?token=faaf9ddc39e63ff0dd1c56b89d756980_34971_1628746256615&tm=1193&eT=0&widgetWidth=610&widgetHeight=187&widgetX=325&widgetY=2266&tpcs=0&wRV=2000411&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=452&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
70.42.32.159 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
X-TraceId
70c208363f4aea1bee272f8377167096
Content-Type
text/plain; charset=UTF-8
Content-Length
28
access-control-expose-headers
content-range
obUserSync.html
widgets.outbrain.com/widgetOBUserSync/ Frame 017F
16 KB
6 KB
Document
General
Full URL
https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
7089c796d42d5291ff30fc68dae8c6eb7421a981e50a97be21e944a14a748e37

Request headers

:method
GET
:authority
widgets.outbrain.com
:scheme
https
:path
/widgetOBUserSync/obUserSync.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
content-type
text/html
etag
"726142524cccddd57bfda1d4261e4542:1628517003.883745"
last-modified
Mon, 09 Aug 2021 13:49:56 GMT
server
AkamaiNetStorage
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=86400
expires
Fri, 13 Aug 2021 05:30:56 GMT
date
Thu, 12 Aug 2021 05:30:56 GMT
content-length
5598
timing-allow-origin
* *
access-control-allow-credentials
false
access-control-allow-methods
GET,POST
access-control-allow-origin
*
set-cookie
akacd_widgets_routing=1628746256~rv=16~id=c2417cf618b142a10276687500ca3131; path=/; Expires=Thu, 12 Aug 2021 05:30:56 GMT; Secure; SameSite=None
streamFeed.js
widgets.outbrain.com/nanoWidget/2000411/module/
56 KB
18 KB
Script
General
Full URL
https://widgets.outbrain.com/nanoWidget/2000411/module/streamFeed.js?e=1
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-190.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
d832de4bd32996eb1682ccfc3671070cb2ff81240cf9dd8825b9fb41e83bdd4e

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
last-modified
Wed, 11 Aug 2021 07:19:55 GMT
server
AkamaiNetStorage
etag
"82de6b1eb5d5829f4d8f583429a6742a:1628667614.425088"
vary
Accept-Encoding
access-control-allow-methods
GET,POST
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=345600
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
18470
eyJpdSI6Ijg4ZTg3MWQzZmRhNGVlNGEyMzYzZGJhODczNDQzMjZiY2M1YmIxN2M3MDc4MWI0ZWE3OTBjZmM0YTZlYTUyNjUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/
23 KB
23 KB
Image
General
Full URL
https://images.outbrainimg.com/transform/v3/eyJpdSI6Ijg4ZTg3MWQzZmRhNGVlNGEyMzYzZGJhODczNDQzMjZiY2M1YmIxN2M3MDc4MWI0ZWE3OTBjZmM0YTZlYTUyNjUiLCJ3IjoyNDAsImgiOjEzNSwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-28.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f8255630ee1ad75043942dec345def487b735ee2bba1556e85a9f0847a24f2ba

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
cache-control
max-age=2462400
last-modified
Tue, 10 Aug 2021 14:58:03 GMT
x-traceid
1de7e026705aaaa17d44a20645fb929
timing-allow-origin
*
content-length
23512
content-type
image/webp
integrator.js
adservice.google.pl/adsid/
107 B
165 B
Script
General
Full URL
https://adservice.google.pl/adsid/integrator.js?domain=www.krtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
107 B
122 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.krtv.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/
62 KB
12 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3168326454339857&correlator=1746153428242740&output=ldjh&impl=fifs&eid=31062148%2C31062188%2C21068030%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=6088%2Cssp.krtv%2Cnews%2Cnational%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%2C970x250%7C728x90%7C970x90%7C994x30%7C10x1&prev_scp=kw%3DDid%2520the%2520ransomware%2520attack%2520affect%2520assenture%252CWhat%2520company%2520was%2520hit%2520by%2520a%2520ransomware%2520attack%252CWhat%2520is%2520a%2520ransomware%2520attack%26categories%3Du.s.%2520and%2520the%2520world%26pt%3Ddetail%252Cfalse%26fname%3Daccenture-restores-systems-following-reported-ransomware-attack%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2%7Ckw%3DDid%2520the%2520ransomware%2520attack%2520affect%2520assenture%252CWhat%2520company%2520was%2520hit%2520by%2520a%2520ransomware%2520attack%252CWhat%2520is%2520a%2520ransomware%2520attack%26categories%3Du.s.%2520and%2520the%2520world%26pt%3Ddetail%252Cfalse%26fname%3Daccenture-restores-systems-following-reported-ransomware-attack%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie_enabled=1&bc=31&abxe=1&lmt=1628746256&dt=1628746256824&dlt=1628746254947&idt=1388&frm=20&biw=1600&bih=1200&oid=3&adxs=325%2C-12245933&adys=1971%2C-12245933&adks=2480863677%2C2499695696&ucis=1%7C2&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&vis=1&dmc=8&scr_x=0&scr_y=0&psz=610x30%7C1500x0&msz=610x30%7C970x0&ga_vid=1106780276.1628746255&ga_sid=1628746257&ga_hid=341697297&ga_fc=false&fws=4%2C132&ohw=1070%2C1600&btvi=1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
d031cfa0b3ffa85e6992c7670701a4c9269b5205ea8417c1b7df078d3a4bc1f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12633
x-xss-protection
0
google-lineitem-id
5622845236,5659808055
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138340446145,138305138268
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D677
6 KB
3 KB
Document
General
Full URL
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 12 Aug 2021 05:30:56 GMT
expires
Fri, 12 Aug 2022 05:30:56 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
ads
securepubads.g.doubleclick.net/gampad/
141 KB
35 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3168326454339857&correlator=4189657935116433&output=ldjh&impl=fifs&eid=31062148%2C31062188%2C21068030%2C20211866%2C31062248&vrg=2021080901&ptt=17&sc=1&sfv=1-0-38&ecs=20210812&iu_parts=6088%2Cssp.krtv%2Cinview-bottom%2Cnews%2Cnational%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&prev_scp=kw%3DDid%2520the%2520ransomware%2520attack%2520affect%2520assenture%252CWhat%2520company%2520was%2520hit%2520by%2520a%2520ransomware%2520attack%252CWhat%2520is%2520a%2520ransomware%2520attack%26categories%3Du.s.%2520and%2520the%2520world%26pt%3Ddetail%252Cfalse%26fname%3Daccenture-restores-systems-following-reported-ransomware-attack%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2%7Ckw%3DDid%2520the%2520ransomware%2520attack%2520affect%2520assenture%252CWhat%2520company%2520was%2520hit%2520by%2520a%2520ransomware%2520attack%252CWhat%2520is%2520a%2520ransomware%2520attack%26categories%3Du.s.%2520and%2520the%2520world%26pt%3Ddetail%252Cfalse%26fname%3Daccenture-restores-systems-following-reported-ransomware-attack%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Fnational%252Fdetail%26refresh%3D0%26temp%3D60-69%26weather%3Dclear%26m_mv%3DslotNoHistData%26m_gv%3DslotNoHistData%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=m_data%3D1%26m_safety%3Dsafe%26m_categories%3Dmoat_safe%26m_mv%3DnoHistData%26m_gv%3DnoHistData&cookie_enabled=1&bc=31&abxe=1&lmt=1628746256&dt=1628746256842&dlt=1628746254947&idt=1388&frm=20&biw=1600&bih=1200&oid=3&adxs=-12245933%2C975&adys=-12245933%2C888&adks=3550835547%2C973898831&ucis=3%7C4&ifi=3&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&ga_vid=1106780276.1628746255&ga_sid=1628746257&ga_hid=341697297&ga_fc=false&fws=644%2C4&ohw=1600%2C1070&btvi=-1%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
1c7478b420a4a6a35f4e6696e4fc5bdd2966e110e1b14b6bd003c160d9466edb
Security Headers
Name Value
Content-Security-Policy child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5987506414646646927/728x90/728x90_wawel_.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5987506414646646927/728x90/728x90_wawel_.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNbbydDgqvICFb3Guwgd-SgADA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5987506414646646927/728x90/728x90_wawel_.html
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5987506414646646927/728x90/728x90_wawel_.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/5987506414646646927/728x90/728x90_wawel_.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CNbbydDgqvICFb3Guwgd-SgADA&gqi=&layout=/sadbundle/%24csp%253Der3%24/5987506414646646927/728x90/728x90_wawel_.html
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
google-creative-id
-1,138340446145
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35830
x-xss-protection
0
google-lineitem-id
-1,5622845236
pragma
no-cache
server
cafe
google-mediationtag-id
-2
date
Thu, 12 Aug 2021 05:30:57 GMT
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.krtv.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ao
capi.connatix.com/tr/ Frame B15F
0
293 B
XHR
General
Full URL
https://capi.connatix.com/tr/ao?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:30:56 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
g
capi.connatix.com/rtb/ Frame B15F
194 B
415 B
XHR
General
Full URL
https://capi.connatix.com/rtb/g?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
4d628beb65d976eea6cbacedd1b2df781aec53144e2bef80a4c7d54666a02b07

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:30:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
141
ps
capi.connatix.com/tr/ Frame B15F
0
293 B
XHR
General
Full URL
https://capi.connatix.com/tr/ps?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:30:57 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
13a145b3-3acd-4d5a-843a-52a95ace97b8.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
26 KB
26 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/13a145b3-3acd-4d5a-843a-52a95ace97b8.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa230dbc2e6dbb83a6847e51b732aeac804ef9ddb6cefac140ca3f01c73f63b5

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7349
etag
"NVhQtNRNEx9AlB0qyAv+e4vvAKd8W/42wrcIKJL4Em8"
access-control-max-age
86400
fastly-io-info
ifsz=63948 idim=1280x720 ifmt=jpeg ofsz=26704 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
26704
9a38d4cd-9a9a-438e-a98b-17bf7a956704.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
31 KB
31 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/9a38d4cd-9a9a-438e-a98b-17bf7a956704.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
8eb8f70a2bca6a89ab22a65dc25e24ff758a400b26bbcfbefc08f4495c224b8d

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7349
etag
"ZDeaIrgNfjUnubiOxsCPe0WWUsugAo3UxsB04irjQkE"
access-control-max-age
86400
fastly-io-info
ifsz=89561 idim=1280x720 ifmt=jpeg ofsz=31374 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
31374
64e4cb3c-dd9e-47fb-a9f8-73277494fd64.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
32 KB
32 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/64e4cb3c-dd9e-47fb-a9f8-73277494fd64.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7dba2207d5d1a8f277b88b6b88789f16b4e27ffc538afd3a60f6bcbeb65b6e84

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7348
etag
"+XX8Y8HedvcCnoHPs6Jo7o0EHbMVXnFKnl/pqnT/WUo"
access-control-max-age
86400
fastly-io-info
ifsz=93633 idim=1280x720 ifmt=jpeg ofsz=32561 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
32561
ff4ffc9c-7e8c-4bbe-9540-2c0051029c18.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
9 KB
9 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/ff4ffc9c-7e8c-4bbe-9540-2c0051029c18.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
5b954d6ada36a93220095ee44d51ade4f29853b00d76774a98c04193172d813d

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7348
etag
"QQgd9nFrXV/67PxKzkBkK+M3dLCzdk5Rv4N+PSWrB64"
access-control-max-age
86400
fastly-io-info
ifsz=32786 idim=1280x720 ifmt=jpeg ofsz=9075 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
9075
aafccbac-ca5e-4a38-a3fd-b0cde82e5559.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
33 KB
33 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/aafccbac-ca5e-4a38-a3fd-b0cde82e5559.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
12a6209d4ab9b696ebeb6d314847185740cadbc1720b21eb0e03ab0de8b7205d

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7348
etag
"DMa1jmkYcVfxcf/Sor1dMDB4NXEv94fkzhAEUZv3rzs"
access-control-max-age
86400
fastly-io-info
ifsz=95761 idim=1280x720 ifmt=jpeg ofsz=33957 odim=600x338 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
33957
13a145b3-3acd-4d5a-843a-52a95ace97b8.jpg
img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
28 KB
28 KB
Image
General
Full URL
https://img.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/13a145b3-3acd-4d5a-843a-52a95ace97b8.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
1e6e3a3cd926b14f0f80fdc2d09ea42cb7e51f933ddda26b2683b010c7595927

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
age
7349
etag
"G97DfRh/6+2pbtlUjT7+ZCGMe8cunMxdF2MnDLMI5H8"
access-control-max-age
86400
fastly-io-info
ifsz=63948 idim=1280x720 ifmt=jpeg ofsz=28478 odim=600x410 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
28478
19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
92 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:12 GMT
age
7850
etag
"6103b1717d80756ad25667b10e04db3e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-926756/926757
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
926757
2aa3498a-9f70-4a78-a5e5-12bf5c71108d_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
115 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/2aa3498a-9f70-4a78-a5e5-12bf5c71108d_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:18:22 GMT
age
7850
etag
"2bfdacb0a59fff574ac17a53258c9a49"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-864376/864377
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
864377
65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:05 GMT
age
7850
etag
"a061b99d7fdc252c97870917fbfb6cdc"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-823162/823163
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
823163
309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:16:51 GMT
age
7850
etag
"20741aca10d3b224badd6b913524d70f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-1033466/1033467
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
1033467
5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=0-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:00 GMT
age
7850
etag
"5edb87f957173d12a667e131b0b9e1d5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 0-878857/878858
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
878858
get
mv.outbrain.com/Multivac/api/
8 KB
2 KB
Script
General
Full URL
https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2000411&apv=true&sig=0WtneniW&format=html&rand=38638&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=ZmFhZjlkZGMzOWU2M2ZmMGRkMWM1NmI4OWQ3NTY5ODA=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11523-77045&layeredTestInfo=11523-77045-&clss=9YLYf5neb5ZnJLRKf3agOg%2FkJyFFqfsvf3uKV3FFMIyupt8a9rx8qwlyj121Z4g4ZLan05o8FkgkY7OR&pcer=p%3DJXTlnKhxjTeGNCjFTwthXg0Br0JcZsjd-36AYJkFvIY%26c%3D1814a393%26v%3D3&dpr=1&cw=610
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000411/module/streamFeed.js?e=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
b150e9b51d0826ff08bcf6befab2e4b0be6d6440007fb9d06f8dd1664c90af57

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
via
1.1 varnish, 1.1 varnish
traffic-path
NYDC1, LGA, HHN, Europe1
x-timer
S1628746257.299939,VS0,VE181
accept-ranges
bytes
vary
Accept-Encoding, User-Agent
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
backend-ip
157.52.117.27
expires
Thu, 01 Jan 1970 00:00:00 GMT
x-cache-hits
0, 0
x-traceid
50d2f4aa7685d20378379b42360bab1a
content-encoding
gzip
content-length
1531
x-served-by
cache-lga21927-LGA, cache-hhn4032-HHN
beacon.js
sb.scorecardresearch.com/ Frame 017F
1 KB
2 KB
Script
General
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:24:11 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
etag
"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
714
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
1469
x-amz-cf-id
B4kxkyZMDO7Vza87qZmw8MUEDeQrx4v81h0w8g6oOvp6yiUw-mg5eg==
b
sb.scorecardresearch.com/ Frame 017F
0
337 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=7&c2=14320224&c3=34971&cs_ucfr=1&ns__t=1628746256983&ns_c=UTF-8&ns_if=1&cv=3.5&c8=OB%20user%20sync&c7=https%3A%2F%2Fwidgets.outbrain.com%2FwidgetOBUserSync%2FobUserSync.html%23pid%3D34971%26dmpenabled%3Dfalse%26filterDMP%3D%26csenabled%3Dtrue%26d%3D%26obcnsnt%3Dfalse%26gdpr%3D1%26cmpNeeded%3Dfalse%26gdprVer%3Dnull%26ccpa%3D1---%26country%3DPL&c9=https%3A%2F%2Fwww.krtv.com%2F
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/widgetOBUserSync/obUserSync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.73.82 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://widgets.outbrain.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
x-amz-cf-pop
AMS1-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
lr6mJ5EiN1x7Q5CJoBlfEf4EVD3RHWQpCiyIMr0q25UBNKVBiTEQ2A==
x-cache
Miss from cloudfront
pw.js
includemodal.global.ssl.fastly.net/ Frame 0360
29 KB
10 KB
Script
General
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding
gzip
ETag
"57fc0e97a8dfc61ae25824300663d895"
Age
1976
X-Cache
HIT
Connection
keep-alive
Content-Length
9175
x-amz-id-2
K8yyKnkzBEDWGN4ntWjadeALa/NyAFEqhciEwBH9zbrf16yCQAKXhxDQDN7oxPEn6sGIYBM0Uu4=
X-Served-By
cache-hhn4042-HHN
Last-Modified
Thu, 08 Jul 2021 04:21:17 GMT
Server
AmazonS3
X-Timer
S1628746257.287806,VS0,VE0
Date
Thu, 12 Aug 2021 05:30:57 GMT
Vary
Accept-Encoding
x-amz-request-id
H1Y2MT0EV1BD3WTQ
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
28
moatad.js
z.moatads.com/ewscrippsdfp76939516016/ Frame 0360
304 KB
103 KB
Script
General
Full URL
https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
df662c66d54c4aa2a02ee601df418a868a32985c67a2a31d70092fbd810d05e5

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 14:37:11 GMT
server
AmazonS3
x-amz-request-id
4M7SRNYYMHS1QK5H
etag
"b4f6ffcdbedd52b0ab6e85c39ffcf4f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10106
accept-ranges
bytes
content-length
105321
x-amz-id-2
1HceoD2Vq9U8VIFKSTNeCLjlsxfVA13kvFpwIvIvUbu7L7Jkeci08/o9+rA/FhmExV17lQ5t1e8=
9626570800496866571
tpc.googlesyndication.com/simgad/ Frame 0360
48 KB
48 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9626570800496866571
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac24f6da3052bc282c8a798d300917cd82ed03e88fce74804dc42666b77ede00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:34:59 GMT
x-content-type-options
nosniff
age
485758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49003
x-xss-protection
0
last-modified
Wed, 17 Feb 2021 16:31:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 14:34:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 0360
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:16:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
870
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Aug 2021 05:16:27 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0360
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628508775336984"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38212
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:57 GMT
l
www.google.com/ads/measurement/ Frame 0360
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS6JeKQ1g6-byNwJLIv9PIXIdqArz3pZftZdlv8OrGYn9-YifiRLcsEa4fzU8lnSNCr_7tdaYP9Q3x1SQmQd5ELt0aTYQ
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
35.156.113.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-113-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.krtv.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
moatad.js
z.moatads.com/ewscrippsdfp76939516016/ Frame 5451
304 KB
103 KB
Script
General
Full URL
https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
df662c66d54c4aa2a02ee601df418a868a32985c67a2a31d70092fbd810d05e5

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 14:37:11 GMT
server
AmazonS3
x-amz-request-id
4M7SRNYYMHS1QK5H
etag
"b4f6ffcdbedd52b0ab6e85c39ffcf4f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10106
accept-ranges
bytes
content-length
105321
x-amz-id-2
1HceoD2Vq9U8VIFKSTNeCLjlsxfVA13kvFpwIvIvUbu7L7Jkeci08/o9+rA/FhmExV17lQ5t1e8=
pw.js
includemodal.global.ssl.fastly.net/ Frame 5451
29 KB
10 KB
Script
General
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding
gzip
ETag
"57fc0e97a8dfc61ae25824300663d895"
Age
1976
X-Cache
HIT
Connection
keep-alive
Content-Length
9175
x-amz-id-2
K8yyKnkzBEDWGN4ntWjadeALa/NyAFEqhciEwBH9zbrf16yCQAKXhxDQDN7oxPEn6sGIYBM0Uu4=
X-Served-By
cache-hhn4042-HHN
Last-Modified
Thu, 08 Jul 2021 04:21:17 GMT
Server
AmazonS3
X-Timer
S1628746257.335216,VS0,VE0
Date
Thu, 12 Aug 2021 05:30:57 GMT
Vary
Accept-Encoding
x-amz-request-id
H1Y2MT0EV1BD3WTQ
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
29
scripps_wallpaper_driver_v3.js
videoads.ewscloud.com/agency/retention/wallpaper/js/ Frame 5451
3 KB
3 KB
Script
General
Full URL
https://videoads.ewscloud.com/agency/retention/wallpaper/js/scripps_wallpaper_driver_v3.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a5e7bdeec32432f86e9a8349a1c2e359270a67e6b3a2b99a4058e2a977ff16a8

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
xV3Yy3zwRNCozBwOBhgVxeQFeXhU6_Bd
Via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
Last-Modified
Sat, 13 Mar 2021 01:12:33 GMT
Server
AmazonS3
Age
659
ETag
"03e4d7fd33600d00fb6034924ed4cd39"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Date
Thu, 12 Aug 2021 05:27:15 GMT
x-amz-replication-status
COMPLETED
X-Amz-Cf-Pop
FRA2-C2
Accept-Ranges
bytes
Content-Length
2692
X-Amz-Cf-Id
r0_1DvcgItSzTP97Z_cXRO48FYUB8hI-EphLmsU2Vlok-faXGVQBhw==
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 5451
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628508775336984"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38212
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:57 GMT
osd.js
www.googletagservices.com/activeview/js/current/
73 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eecda7280d7a8779cb5ff8bf7459b430bf970052106a1c4b186ff2eddd8c82d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628508781313717"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27998
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:57 GMT
event
prebid-a.rubiconproject.com/
61 B
236 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.113.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-113-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
container.html
9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EAFC
6 KB
3 KB
Document
General
Full URL
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
:scheme
https
:path
/safeframe/1-0-38/html/container.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
3108
date
Thu, 12 Aug 2021 05:30:56 GMT
expires
Fri, 12 Aug 2022 05:30:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, immutable, max-age=31536000
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
event
prebid-a.rubiconproject.com/ Frame
0
0
Preflight
General
Full URL
https://prebid-a.rubiconproject.com/event
Protocol
H2
Server
35.156.113.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-113-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://www.krtv.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-length
0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
access-control-allow-origin
*
access-control-allow-methods
POST
access-control-allow-headers
content-type
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
pw.js
includemodal.global.ssl.fastly.net/ Frame 54C4
29 KB
10 KB
Script
General
Full URL
https://includemodal.global.ssl.fastly.net/pw.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.1.194 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
82c9a9d618cff7524ed4bd447c2ab28e8135b770ee14267e4dc699d1c3a0d20a

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
Zi6SAP3F02lE40PrkD.rE0hX9.xAg1QP
Content-Encoding
gzip
ETag
"57fc0e97a8dfc61ae25824300663d895"
Age
1976
X-Cache
HIT
Connection
keep-alive
Content-Length
9175
x-amz-id-2
K8yyKnkzBEDWGN4ntWjadeALa/NyAFEqhciEwBH9zbrf16yCQAKXhxDQDN7oxPEn6sGIYBM0Uu4=
X-Served-By
cache-hhn4042-HHN
Last-Modified
Thu, 08 Jul 2021 04:21:17 GMT
Server
AmazonS3
X-Timer
S1628746257.387001,VS0,VE0
Date
Thu, 12 Aug 2021 05:30:57 GMT
Vary
Accept-Encoding
x-amz-request-id
H1Y2MT0EV1BD3WTQ
Via
1.1 varnish
Accept-Ranges
bytes
Content-Type
application/javascript
X-Cache-Hits
30
moatad.js
z.moatads.com/ewscrippsdfp76939516016/ Frame 54C4
304 KB
103 KB
Script
General
Full URL
https://z.moatads.com/ewscrippsdfp76939516016/moatad.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
df662c66d54c4aa2a02ee601df418a868a32985c67a2a31d70092fbd810d05e5

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
last-modified
Tue, 10 Aug 2021 14:37:11 GMT
server
AmazonS3
x-amz-request-id
4M7SRNYYMHS1QK5H
etag
"b4f6ffcdbedd52b0ab6e85c39ffcf4f2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=10106
accept-ranges
bytes
content-length
105321
x-amz-id-2
1HceoD2Vq9U8VIFKSTNeCLjlsxfVA13kvFpwIvIvUbu7L7Jkeci08/o9+rA/FhmExV17lQ5t1e8=
9626570800496866571
tpc.googlesyndication.com/simgad/ Frame 54C4
48 KB
48 KB
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/9626570800496866571
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ac24f6da3052bc282c8a798d300917cd82ed03e88fce74804dc42666b77ede00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 06 Aug 2021 14:34:59 GMT
x-content-type-options
nosniff
age
485758
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49003
x-xss-protection
0
last-modified
Wed, 17 Feb 2021 16:31:40 GMT
server
sffe
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 06 Aug 2022 14:34:59 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame 54C4
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Aug 2021 05:18:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 54C4
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628508775336984"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38212
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:57 GMT
l
www.google.com/ads/measurement/ Frame 54C4
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ9HmwmzrPh1Mq5ZmmoobfbFVJdsknnv-wD9f4Z3Wy9sVKfdtcuMZza3SL9EcgRyhQ1BiHMLhNcurdFBNoAi-_WiV5cag
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=17&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&hp=1&zMoatAdUnit1=ssp.krtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=4&kq=1&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&bq=11&f=0&j=&t=1628746255601&de=360691635100&rx=181927217430&m=0&ar=4790001-clean&iw=40ef2d8&q=1&cb=0&cu=1628746255601&ll=2&lm=0&ln=0&em=0&en=0&d=16839141%3A237842901%3A5250393788%3A138298488418&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&id=1&ii=4&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&gw=crackedscrippsdfpprebidheader262014341684&fd=1&ac=1&it=500&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&pe=1%3A753%3A753%3A0%3A749&fs=193790&na=2095379016&cs=0
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:57 GMT
event
prebid-a.rubiconproject.com/
61 B
236 B
XHR
General
Full URL
https://prebid-a.rubiconproject.com/event
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.156.113.115 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-113-115.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
edda75d7dc3a6104c5af0f926c5ae645ae25eb8c4f8a601c6d5293378e858a5c

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
content-length
61
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
application/json;charset=UTF-8
adview
securepubads.g.doubleclick.net/pagead/ Frame EAFC
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CrFa1ELIUYdaTN72N7_UP-dGAYNrFndpj2LXl1PkNurSs564PEAEg5pSFGGDp5MmF2BqgAfDokKADyAEJqQIkUx4n9zORPuACAKgDAcgDCKoEswJP0AxT9d4zy6SF_j4cwL38sYs6rsXkO3xImRTaJDm7gB1fzTWqmbaNvv9kRn0teJHDnFil1uypLnFZOUvT6PKOeRbdr_Q228n6MYhKJwAZ9m0vOPNo1B4u8jdgqn2EjF5TDa4dSr0Oz9T37xSTG4nwqp5FdkcE0lA8AWywmHOBTvguXmTfuPjxxo3Rbq59YdMViDxHqip9cHxBgG-y2yQn6hu6hlkale6x_vXzGqkIs86PJEbWksGqywjNhkkq7KNbx0jsN01sFKRY3_Df6xmeJRsa3Nb9RkJVqa_gGdJuJgqOD4N0qJm2PvxUWDIS0WY4IDFFoPXN_7owOELedMh_0E8buz3FL0LiosMgjYGqA9hGUZML7G7OSQ3_LdSXBbNDL3CJzEZN7P81cAFiabg3bwkbwATT27qd5QPgBAGSBQQIBBgBkgUECAUYBKAGLoAH-JbvX6gH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHBBDVpgLSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTk5NjgzMDYwODIwNDg0MjeACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItODQxNDYyNzI4MDA1NDU5MxitixE&sigh=CVXSNuDEp5o&template_id=419
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/ Frame EAFC
18 KB
7 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/abg_lite_fy2019.js
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
83cd4afc0672833e8ac46854de805cda18237894e6d5193111af3e2e866a7a3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:28:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
144
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7614
x-xss-protection
0
server
cafe
etag
9899176843389144697
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Aug 2021 05:28:33 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame EAFC
2 KB
1 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/window_focus_fy2019.js
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:18:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
748
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1339
x-xss-protection
0
server
cafe
etag
2275704724217174249
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Aug 2021 05:18:29 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAFC
124 KB
37 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87e9cb4cbda54b2611883c0963d41adcd7c9d4eda558e452c76991b875eeffad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1628508775336984"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38212
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:57 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/ Frame EAFC
14 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/pagead/js/r20210809/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30f9db6ce74a9fadf8de7de2ae7e23428d3c043f576184c391908f8154d2f7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
351
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6204
x-xss-protection
0
server
cafe
etag
11055049251678278959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 26 Aug 2021 05:25:06 GMT
l
www.google.com/ads/measurement/ Frame EAFC
0
0
Image
General
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTDdDpkeYZhAACI5FWQ7wZY_jgY2AnwRWKj0Mp1THPrQtZ629Aiyno0LoL6MavaHH7BymWWbfGmSCx9E8PYJItJCvTV-Q
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

view
securepubads.g.doubleclick.net/pcs/ Frame 0360
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkUqkGUKgrITRTf2NO98--locqH-tnLfE5ssOIaLghCbeI2w1c3gSvd9Czt71IkkJRSWq6lqCzctfXXfaf-zffHMCfaFrTiGLEFjqx-hvKRvu0Ow-VOmGcmr0QN7ccE0RUrZHdsrnAzN2vSn0Wk665wdW8rOkmHa75vpYaDHZgZWhlTANDOcx-FZaL6ZtAxqHLxoZZg1J9ynifviEKsHx-zsgeQYT1wkCmyLNWUDdHseRB6-ei5MsAwRG2VXW3THSK6lU9kn87-n6jcWPK9CERIXPhzNwBkv3sbiO2OuPKEgZdWiKGmqV167mjMDbIndT6eVdm83Y&sig=Cg0ArKJSzBMGV7fRuV3AEAE&adurl=
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 0360
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssMdqfh5lz775cE0wTzk5vnczwiachzMOPPYlGIPWzZDzxNbp9UFkna8q0366L0nbTuJS5lDwmZYc9QPY7YU364hBO5wZP40EyEr0ay8TNrb-HB7NPQEyLVj4YCyqxsbG2aDiqZWiTcENl3tB_3WUUHIt7lePaWGdyevbjLnFf-Y1Jasxi3fAs2sdj3wwudlp-gEKWZusfPhcTCO-04dZLLWVNVVjBFJdcsg0Yb7Hqf_7S32dPzCJQQA1eUdeeKYDB7JgbRXTEUh7D-K4lK3TNs6tg7Bc0DJjnhq4OQ0XclA4hr9ifUPzSiTCij-OsZ8XXeqEIBWTezTg&sig=Cg0ArKJSzGohJc05H-V4EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 12 Aug 2021 05:30:57 GMT
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 0360
42 B
132 B
Image
General
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=910749&referer=https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.22.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-22-231.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 0360
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c19c8d3e884b312a53f113c54c234333a4d410cd00986263a193b35258aced09

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 5451
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvD_BJTIppMeMPxdWS2lNhyGrjEyb3Pt2tOnSFHFh8BJ9pBAIg10aoNKSfMQAIzogzyMD823yo3zcmw4Mm4e-5SPqfnFN6Y0fXjz9ZFFqwPJMTHCEexnaglqZ6-cluj8aG-WaVNnCXq_d14lQ05qmnqWCTpLK3vTP0JCUB8RuZH2m_SgBxibrLS6DWSnxCbGd_7ZqGslyNxfqU9LCBDLTe_eLdHSHd1n53fQvebzMMNKJ_SHNriO_Ch_w73Xe6JksOuORkSCFFjddRMZPBpqjSzbOmMOq2FkU1X1y16z7zr0Ahbc9fP0nDu_gz168D6f7op9WxPh8Y&sig=Cg0ArKJSzPdwfjzvL6FeEAE&urlfix=1&adurl=
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
82897ea9-9a64-4558-9643-090994d6f825
https://www.krtv.com/ Frame 0360
2 KB
0
Other
General
Full URL
blob:https://www.krtv.com/82897ea9-9a64-4558-9643-090994d6f825
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1590
Content-Type
application/javascript
1920x1400.jpg
videoads.ewscloud.com/agency/dca_projects/42000_44000/42098_KRTV_JNL_Auto_Repair/
440 KB
440 KB
Image
General
Full URL
https://videoads.ewscloud.com/agency/dca_projects/42000_44000/42098_KRTV_JNL_Auto_Repair/1920x1400.jpg
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-30.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37db9030137409c98fd2c5cb865fdf660d9311136497b1c91f7af119fbd68628

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id
KJ4B35TMb8oEiqM.4Ks1lzasxA6fAYt3
Via
1.1 eb1a8c1b1275e33a016e623478052111.cloudfront.net (CloudFront)
Last-Modified
Thu, 20 Feb 2020 15:04:36 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA2-C2
ETag
"74ceef943d8e5f2caebb73fc5010ce88"
X-Cache
RefreshHit from cloudfront
Content-Type
image/jpeg
Date
Thu, 12 Aug 2021 05:30:58 GMT
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
450270
X-Amz-Cf-Id
JeHrttO0v0eyYuPJBC-wMZ4xp6XgxzMJcdWYdyBXZs2elYw0rpEekQ==
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 5451
42 B
132 B
Image
General
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=876126&referer=https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.22.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-22-231.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 5451
207 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3301aec2d0144f8e224b35457ce9efed6bd9df1eaae3c57cc22d6210c2bd1bae

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 54C4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvSwFPGcFXCgsYbn7EmwFzRrjJDRWni4Y8VG8peyH4usZA9ami-ChSA2l4ciKuT3purkVrebSVtep80g5ayWI--_JJYKbO2iWjhR48oE-3h39LWT5T2PpCXro8SX3XzQru-hr5aydRb2jZrf44bDFFVEKXOPL96arYv7k3t9Nr3lM5LKJJHJ16EMC8249H3-Riq7MpOUlqb3lFJh0M4FGbVbQgXwbUhKJm57q6FUsSJKciK6X-_EjNTVRb7bm05uaKIA13YkHKymOBBmqAbt6jwJ8wJyeDYujHy3HFLIcIsB-7yPbmelU9uhwmyx7gQFSUj3DBEoDc&sig=Cg0ArKJSzFzRWg2jWB7hEAE&adurl=
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
view
securepubads.g.doubleclick.net/pcs/ Frame 54C4
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuAuqynVNEu_Xz-VQ0DEv-fD7pT1_N5OEdDcK833WC00k5q11Uz9U3I-NXIiqBkAhXymesoeCUDxKbWZx9jHrAsWsn_7ZD4Aa15eFzELQhKjIhvl3bVNa20WwXP2K3TdOGgLizAdM93eHb7Z9t0HAxVfnb-HX-f-uddEqKHWsRKXc5mQPmszKMzn3fiJkbyK-xtwEOKEmA9TU03l8YPTcLK_k8mpOkgTvoCRT8-Rw7qFIZLr607kmchmsi6BWSeqBOxvMT64OuUDAfWFmvihZBPX0dc2pq-KwXjl5WQ656xsi4NlqXG-FMcrM6Q8qRzIzqPjx5-vxR8zg&sig=Cg0ArKJSzCK6v5WPtyP6EAE&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:57 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 12 Aug 2021 05:30:57 GMT
/
includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/ Frame 54C4
42 B
133 B
Image
General
Full URL
https://includemodal.com/service/imp/ff983cd0-6c28-474c-9cc4-7a5281d11e05/?rand=149841&referer=https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.119.22.231 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-119-22-231.us-east-2.compute.amazonaws.com
Software
nginx/1.10.3 (Ubuntu) /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
server
nginx/1.10.3 (Ubuntu)
content-length
42
content-type
image/gif
truncated
/ Frame 54C4
214 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8b27ee447f7907101fd819173f01f91f4627b14017ec1d29820eb799ffcf52cb

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
2f0dd15b-4062-4681-baef-d49a3f4b98b3
https://www.krtv.com/ Frame 5451
2 KB
0
Other
General
Full URL
blob:https://www.krtv.com/2f0dd15b-4062-4681-baef-d49a3f4b98b3
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1590
Content-Type
application/javascript
9d03e38f-0a23-4085-a295-f7a09542db15
https://www.krtv.com/ Frame 54C4
2 KB
0
Other
General
Full URL
blob:https://www.krtv.com/9d03e38f-0a23-4085-a295-f7a09542db15
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
785feac29ca49a8578ef880c201e269990a0a95a9d4de72503191cba3694a0e3

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length
1590
Content-Type
application/javascript
s
googleads.g.doubleclick.net/pagead/drt/ Frame 0726
143 B
230 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/s?v=r20120211
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn1gIaz7GDwVuVtXZ6vgymorpsfmEzH3_xqw_tAn6fGC9sy7iAhW8V8WX-Rfyc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Thu, 12 Aug 2021 04:42:57 GMT
server
safe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2880
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame EAFC
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0e5d14114cdc0eb27dc770531c9fb8b6097cbb65105574b6041de663e5e63d9d

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type
image/png
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=050337248db9bd6bc75423f39688e2f4&pvId=faaf9ddc39e63ff0dd1c56b89d756980&sid=5385788&pid=34971&idx=2&wId=974&pad=0&org=0&tm=2076&eT=0&cnsnt=no_consent&widgetWidth=575&widgetHeight=0&widgetX=332&widgetY=3045&wRV=2000411&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=724&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:57 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
fdba58faea274de476a0b4e8c15fab2f
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=3582a5ab7bbd43223f3354b25ff2f50a&pvId=faaf9ddc39e63ff0dd1c56b89d756980&sid=5385788&pid=34971&idx=3&wId=975&pad=0&org=0&tm=2078&eT=0&cnsnt=no_consent&widgetWidth=575&widgetHeight=0&widgetX=332&widgetY=3045&wRV=2000411&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=724&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:57 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
de3182c08b90f2e5e09cecb799d359f7
Content-Length
4
Expires
0
widgetGlobalEvent
log.outbrainimg.com/loggerServices/
4 B
325 B
Fetch
General
Full URL
https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=2489159a76ca5fafd96221f1eb58b1ee&pvId=faaf9ddc39e63ff0dd1c56b89d756980&sid=5385788&pid=34971&idx=4&wId=974&pad=0&org=0&tm=2078&eT=0&cnsnt=no_consent&widgetWidth=575&widgetHeight=0&widgetX=332&widgetY=3045&wRV=2000411&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&rtt=724&ab=0&wl=0
Requested by
Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.191 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:30:57 GMT
Access-Control-Allow-Methods
GET,POST
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
X-TraceId
2514e0b25f1aa2d1f3c57fc81f864940
Content-Length
4
Expires
0
19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
99 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:12 GMT
age
7850
etag
"6103b1717d80756ad25667b10e04db3e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-926756/926757
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
861221
2aa3498a-9f70-4a78-a5e5-12bf5c71108d_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
128 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/2aa3498a-9f70-4a78-a5e5-12bf5c71108d_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=98304-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:18:22 GMT
age
7850
etag
"2bfdacb0a59fff574ac17a53258c9a49"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 98304-864376/864377
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
766073
65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
128 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:05 GMT
age
7850
etag
"a061b99d7fdc252c97870917fbfb6cdc"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-823162/823163
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
757627
309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
180 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:16:51 GMT
age
7850
etag
"20741aca10d3b224badd6b913524d70f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-1033466/1033467
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
967931
5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
128 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=65536-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:00 GMT
age
7850
etag
"5edb87f957173d12a667e131b0b9e1d5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 65536-878857/878858
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
813322
si
googleads.g.doubleclick.net/pagead/drt/ Frame 0726
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si
0
16 B
Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si
Requested by
Host: 9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com
URL: https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
safe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/drt/si
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://googleads.g.doubleclick.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
IDE=AHWqTUn1gIaz7GDwVuVtXZ6vgymorpsfmEzH3_xqw_tAn6fGC9sy7iAhW8V8WX-Rfyc
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 12 Aug 2021 05:30:57 GMT
server
safe
content-length
0
x-xss-protection
0
set-cookie
DSID=NO_DATA; expires=Thu, 12-Aug-2021 06:30:57 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Thu, 12 Aug 2021 05:30:57 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Thu, 12 Aug 2021 05:30:57 GMT
server
safe
content-length
246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/19e380df-4ec7-4388-b718-703a37009a33_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=163840-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:12 GMT
age
7850
etag
"6103b1717d80756ad25667b10e04db3e"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 163840-926756/926757
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
762917
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:57 GMT
65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/65598c17-f040-475b-aaf7-125b0ec77098_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=196608-

Response headers

date
Thu, 12 Aug 2021 05:30:57 GMT
last-modified
Thu, 12 Aug 2021 03:17:05 GMT
age
7851
etag
"a061b99d7fdc252c97870917fbfb6cdc"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 196608-823162/823163
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
626555
view
securepubads.g.doubleclick.net/pcs/ Frame 5451
0
0
Fetch
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssc8ygzQfv4YWDljewqz95zaXgPcwVnaJRFkw5Qapo6wY74wo4wXnsvMNGfOtkPWuydBFs4UVELOHb9lGZUenm6yzwt8YoU5n4BKYfB0fRcJbudk_SrdKfyHwhG2VH6IIPl_ng-uEdkxbobe8MaJiHPQ3fyM_IPRnuoRaz9dz5Tkz-sAxakmaB7Xk3nysEW80HB0ranaoQMyLsZMgYTBC_w9zkodzHxFoPLmvdYpm5UhBo1ImLF5btI8RlRA6WQCE5mLo1sZL9Db1uTNOPjLK74QLEgCUprco-iXAyq_NPsvfHBkUca_kt4TD4lS747sHcjofUIuyZvjQ&sig=Cg0ArKJSzFpC4iR9WzeVEAE&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:58 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Thu, 12 Aug 2021 05:30:58 GMT
309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/309f1c5b-e0cf-4ed6-b621-f98eb6ab56b5_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=229376-

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
last-modified
Thu, 12 Aug 2021 03:16:51 GMT
age
7851
etag
"20741aca10d3b224badd6b913524d70f"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 229376-1033466/1033467
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
804091
5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/
64 KB
0
Media
General
Full URL
https://vid.connatix.com/d7a009c2-4d20-4d8f-9657-3d04b3ea8823/5c947d14-58b7-4ad2-a922-5612684d3a30_360_h264.mp4
Requested by
Host: www.krtv.com
URL: https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.krtv.com/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range
bytes=196608-

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
last-modified
Thu, 12 Aug 2021 03:17:00 GMT
age
7851
etag
"5edb87f957173d12a667e131b0b9e1d5"
access-control-max-age
86400
content-type
video/mp4
Content-Range
bytes 196608-878857/878858
cache-control
public,max-stale=31557600,stale-while-revalidate= 31557600, immutable,max-age=31557600
accept-ranges
bytes
access-control-allow-origin
*
Content-Length
682250
sodar
pagead2.googlesyndication.com/getconfig/
11 KB
8 KB
XHR
General
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021080901&st=env
Requested by
Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/scsp.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f5f8493869b9584732ab263256b198d44d6a3a59bf00f901a73aabddffeff3ea
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 12 Aug 2021 05:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8430
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/
17 KB
6 KB
Script
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021080901.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:30:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Thu, 12 Aug 2021 05:30:58 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 3835
12 KB
5 KB
Document
General
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Wed, 11 Aug 2021 13:59:36 GMT
expires
Thu, 11 Aug 2022 13:59:36 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
55882
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 14EB
783 B
530 B
Document
General
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aa040944e0cf5a59b412ba42615540ae809dbcd8950dc4139193478c14b85bbe
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-xbaiaehhdxs1++V4k9Ka6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.krtv.com/

Response headers

expires
Thu, 12 Aug 2021 05:30:58 GMT
date
Thu, 12 Aug 2021 05:30:58 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-xbaiaehhdxs1++V4k9Ka6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
511
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js
pagead2.googlesyndication.com/bg/ Frame 3835
35 KB
13 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/bg/O2l1W4tcrMlErSQCfrpxGkyfOY9pZOaE8-TKtI4Qkek.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b69755b8b5cacc944ad24027eba711a4c9f398f6964e684f3e4cab48e1091e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 10 Aug 2021 17:27:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
129781
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13203
x-xss-protection
0
last-modified
Tue, 03 Aug 2021 09:38:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 10 Aug 2022 17:27:57 GMT
gen_204
pagead2.googlesyndication.com/pagead/
0
20 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021080901&jk=3168326454339857&bg=!4eKl4qbNAAbOj6irzo87ACkAdvg8WrKszET53SibX0WotLSDItTokzmWrDYAWLLaQgjMmEhp5YI5VQIAAABcUgAAAAxoAQeZAm95WJVjrMjiTD-z43PxivBFmP2ry0MzbGFi-JybKv0j8--nyQZYWFCc37kSUs8Zn2o_cC5o2kioOB3Uf1IpECiEkf3D9sDOku79jsXkZJGuvO6tAuOjucVx7QE1ieYnOlGqJqdmHzBCQQiu1wUnSwcT4qop6ruNeLblXD6sXPn-soB4CaX5GRxER7i5BKaPeOU0HTEzGZiuWxnsvfRMVgo5XZH2J2mPsbJOScj-nHwRtrA4UpvyV0IqrO0lHE4Fs2HCHJyRzfnQxWEvzOfRMb7xApYCHd00IWQPUea8JVwYhMqnyCZKamQSEwTTXh0OQ-ycHTfiGYvWYZE02r-KuL80ZL601nMrAUzjdIiNk4gncgGV5omvpJydKWOEMSDcTt39FTja0JP3Tb9wHFtROJJwBjhDQ5qnQs_AP6j3susPCYlOqbfmkO06jX7qU6zg1cnp1XDYoN-lVywYYMaDbhhlkAt3_6CZImVJDGlwFkeQlMz4uxFCo6tKAOBI3ZnlFcviktbEuhw9XWaeEgLANPQYW4npWZmzYTtviu1NJozzu9XxNG1mhbiUjG8Jttqvq_-obI4yjtP0FHQfK5_jACOjixOCXxrAmOpY0_7sFOAqfGy305c10QjH8C3lNFJSHMzz2R9vJp85W9N8Vs7QbVdi7ipav2py0hM4b8261SLJhgnaKkKNZND4rx2hrqv9OBrjhU61qvRKKwmj6WQMITAdQF-G05sXuMEZqgoWEThoEVjdQ_LpIIRjA6xEYczyxdhwlW2P3VQf_uxBzrAUnE1Qsa2Dr2HK1NRu-7QiuAP5xmnhm6kgBGL5lAWxfY0P2A
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame EAFC
42 B
64 B
Fetch
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssO5mAqWZGvr-h_YsoZW34bBMooZwx6G6-a91rzqOf22DwPhZxfKXrYDd_3qjZoTeIsDE9DzByNtrAW-0DSafpDicraIrrydZQDKKe9XoryK8ujft6rt-LxQBXSVQ&sai=AMfl-YSLzpgDIePzPPk6ZRgx0KVxuelaDOmY9hIW5_-7sD3gMpEmJthekj_MHJ9-YYkzCidJ-T6iBSbD_XUbf6w5rPQtdv7QgnCE4xL-_DbgcfdLPz1X6SayviPJBcc&sig=Cg0ArKJSzBLJMHpnTwKhEAE&cid=CAASF-Ro-gcW50X09nfqlUM2F6e670ZzhAf0&id=lidar2&mcvt=1000&p=1106,436,1196,1164&asp=1106,436,1196,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210809&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3550835547&rs=4&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1628746257306&dlt=15&rpt=305&isd=0&lsd=0&msd=0&r=v&speed=1
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:58 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:58 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:58 GMT
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:59 GMT
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:30:59 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:30:59 GMT
sync
eb2.3lift.com/ Frame A9F5
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
c45da4e3c4cc8a66bfb06fbcf8235cb7e1902394f92f69cc5e8139169ab684b6

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=12189579334791352893

Response headers

date
Thu, 12 Aug 2021 05:31:01 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQpMvexrMvCgoIkQIQpMvexrMvCgoI4gEQpMvexrMvCgoIkgIQpMvexrMvCgoI5gEQpMvexrMvCgoIhwIQpMvexrMvCgkIOhCky97Gsy8KCQgLEKTL3sazLwoJCF8QpMvexrMvCgkIHxCky97Gsy8=; Max-Age=7776000; Expires=Wed, 10 Nov 2021 05:31:01 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12189579334791352893; Max-Age=7776000; Expires=Wed, 10 Nov 2021 05:31:01 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
pd
eu-u.openx.net/w/1.0/ Frame 4B01
668 B
731 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
da91ed7249f7d0f1ead03c4f8df8bb2a3eef18213824412f2fbb4bda67248122

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c5dd7890-a104-4582-a979-e18129248296|1628746256

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c5dd7890-a104-4582-a979-e18129248296|1628746256; Version=1; Expires=Fri, 12-Aug-2022 05:31:01 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628746261|gekin0vNiygu; Version=1; Expires=Fri, 27-Aug-2021 05:31:01 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 12 Aug 2021 05:31:01 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame 9AA0
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB
Document
General
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.krtv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
Keep-Alive
Cache-Control
max-age=36440
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx000000000000004855730-006113eeee-5550cd3-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
204
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1628746262.dop023.lo4.t,1628746262.cds231.lo4.shn,1628746262.dop023.lo4.t,1628746262.cds053.lo4.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
async_usersync.html
acdn.adnxs.com/dmp/ Frame F512
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.krtv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 12 Aug 2021 05:31:01 GMT
Age
2842
X-Served-By
cache-lga21963-LGA, cache-fra19143-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 19972
X-Timer
S1628746262.923911,VS0,VE0
Vary
Accept-Encoding
/
ssc-cms.33across.com/ps/ Frame 2962
0
0
Document
General
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=azIy8WByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
208.100.17.174 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip174.208-100-17.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

:method
GET
:authority
ssc-cms.33across.com
:scheme
https
:path
/ps/?m=xch&rt=html&ru=deb&id=azIy8WByqr67OuaKj0P0Le&gdpr_consent=undefined&us_privacy=undefined
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

x-33x-status
2000208
server
33XP004
date
Thu, 12 Aug 2021 05:31:01 GMT
sync
eb2.3lift.com/ Frame 8607
1 KB
1 KB
Document
General
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
c45da4e3c4cc8a66bfb06fbcf8235cb7e1902394f92f69cc5e8139169ab684b6

Request headers

:method
GET
:authority
eb2.3lift.com
:scheme
https
:path
/sync?
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
tluid=12189579334791352893

Response headers

date
Thu, 12 Aug 2021 05:31:01 GMT
content-type
text/html; charset=utf-8
content-length
479
set-cookie
sync=CgoIgQIQpsvexrMvCgoIkQIQpsvexrMvCgoI4gEQpsvexrMvCgoIkgIQpsvexrMvCgoI5gEQpsvexrMvCgoIhwIQpsvexrMvCgkIOhCmy97Gsy8KCQgLEKbL3sazLwoJCF8QpsvexrMvCgkIHxCmy97Gsy8=; Max-Age=7776000; Expires=Wed, 10 Nov 2021 05:31:01 GMT; Path=/sync; Domain=.3lift.com; SameSite=None; Secure tluid=12189579334791352893; Max-Age=7776000; Expires=Wed, 10 Nov 2021 05:31:01 GMT; Path=/; Domain=.3lift.com; SameSite=None; Secure
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
2000248.html
serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/ Frame E465
Redirect Chain
  • https://sync.serverbid.com/ss/2000248.html
  • https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
4 KB
5 KB
Document
General
Full URL
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
map2.hwcdn.net
Software
/
Resource Hash
d47b0a558d4b3c185baeca529965752d946921f4a10cb7c442b9bbee6985c4a5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

Host
serverbid-sync.nyc3.cdn.digitaloceanspaces.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.krtv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
Keep-Alive
Cache-Control
max-age=36440
Content-Length
4376
Content-Type
text/html
Last-Modified
Thu, 31 Jan 2019 14:12:06 GMT
Accept-Ranges
bytes
etag
"8ca299ba400101b6642362a2bceff771"
x-amz-request-id
tx000000000000004855730-006113eeee-5550cd3-nyc3a
strict-transport-security
max-age=15552000; includeSubDomains; preload
age
204
Vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW
1628746262.dop023.lo4.t,1628746262.cds231.lo4.shn,1628746262.dop023.lo4.t,1628746262.cds053.lo4.c

Redirect headers

content-length
0
location
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
cache-control
no-cache
pd
eu-u.openx.net/w/1.0/ Frame 74CB
668 B
720 B
Document
General
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
da91ed7249f7d0f1ead03c4f8df8bb2a3eef18213824412f2fbb4bda67248122

Request headers

:method
GET
:authority
eu-u.openx.net
:scheme
https
:path
/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.krtv.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
i=c5dd7890-a104-4582-a979-e18129248296|1628746256

Response headers

vary
Accept, Accept-Encoding
set-cookie
i=c5dd7890-a104-4582-a979-e18129248296|1628746256; Version=1; Expires=Fri, 12-Aug-2022 05:31:01 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1628746261|gekin0vNiygu; Version=1; Expires=Fri, 27-Aug-2021 05:31:01 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server
OXGW/16.213.0
p3p
CP="CUR ADM OUR NOR STA NID"
date
Thu, 12 Aug 2021 05:31:01 GMT
content-type
text/html
content-length
421
content-encoding
gzip
via
1.1 google
alt-svc
clear
usync.html
eus.rubiconproject.com/ Frame 5F63
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.krtv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==; ses2=; vis2=361740^1; ses15=; vis15=361740^1; khaos=KS8HGUSZ-B-JYH3; audit=1|hLZGFuTafB23Z0i1SyacCJqpp78UDnSwLdjvSH1/Z71e4ZptzlLxCwiT5hq+N+VPaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Aug 2021 05:31:01 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 965C
52 KB
17 KB
Document
General
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.rubiconproject.com
URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.krtv.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Connection
keep-alive
Content-Length
17053
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
W/"5fc7ff8f-cf34"
Expires
Fri, 30 Jul 2021 04:43:13 GMT
Cache-Control
max-age=86402
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 12 Aug 2021 05:31:01 GMT
Age
2842
X-Served-By
cache-lga21963-LGA, cache-fra19126-FRA
X-Cache
HIT, HIT
X-Cache-Hits
1, 20969
X-Timer
S1628746262.930359,VS0,VE0
Vary
Accept-Encoding
us.php
gu.dyntrk.com/adx/id5/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_a5d69ec2-5f44-4c84-b86d-bcc92c2660de&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_a5d69ec2-5f44-4c84-b86d-bcc92c2660de&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO70RTxCj3h-5KTHm9aL377wUnbgDpb3l5vtVTcQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMO70RTxCj3h-5KTHm9aL377wUnbgDpb3l5vtVTcQ&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=cedfd0f8-5cd2-4f98-b4a9-b62a0047b522&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7280709557202271541&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19794773729&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=692ae379967479d50e535a76ae029d4b&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/5/5.gif?puid=14570cc5-10d6-4205-b7c1-f36d5c658820&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=503c55bd-cbe4-44eb-b954-a7638c0905bc&gdpr=1&gdpr_consent=
  • https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F118%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
0
0

6.gif
id5-sync.com/c/441/108/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_e840fc71-5321-45b7-aa8f-29f6d4e82716&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_e840fc71-5321-45b7-aa8f-29f6d4e82716&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOM0Ct4udViql8x_5SjSq13pSRs66x1P3GBu4oTA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOM0Ct4udViql8x_5SjSq13pSRs66x1P3GBu4oTA&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=7687bbde-459c-47ff-8157-0e8faa6f8451&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7280709557202271541&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19794773729&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=692ae379967479d50e535a76ae029d4b&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/5/5.gif?puid=3da05643-f3dc-428a-b528-5343108e2250&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=503c55bd-cbe4-44eb-b954-a7638c0905bc&gdpr=1&gdpr_consent=
0
0

6.gif
id5-sync.com/c/441/108/4/
Redirect Chain
  • https://id5-sync.com/s/441/9.gif?puid=e_5dfb82c6-ff87-4d20-b127-38caf8ad5951&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/441/9/1.gif?puid=e_5dfb82c6-ff87-4d20-b127-38caf8ad5951&gdpr=1&gdpr_consent=
  • https://ice.360yield.com/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOG7l8XZH2hdp_tDalfs91sIc8qjk0khMyhmrKFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fpuid%3D...
  • https://ice.360yield.com/ul_cb/match?publisher_dsp_id=79&dsp_callback=1&external_user_id=ID5-ZHMOG7l8XZH2hdp_tDalfs91sIc8qjk0khMyhmrKFg&r=https%3A%2F%2Fid5-sync.com%2Fcq%2F441%2F124%2F8%2F2.gif%3Fp...
  • https://id5-sync.com/cq/441/124/8/2.gif?puid=cedfd0f8-5cd2-4f98-b4a9-b62a0047b522&gdpr=1&gdpr_consent=&gdpr=1&gdpr_consent=
  • https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=id517&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://cookie-matching.mediarithmics.com/v1/get_or_create?sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&domid=1033
  • https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domi...
  • https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY&action=GET_ID&opid=goo&etid=&domid=103...
  • https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0Rv...
  • https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=7280709557202271541&opid=apx&ops=&utidl=tech:goo:CAESEDm-3ujVvzWwM4nSVRZYbP0&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0a...
  • https://id5-sync.com/qp/18.gif?puid=vec%3A19794773729&sd=Y2FzY2FkZXNSZW1haW5pbmc9NyZjYXNjYWRlc0RvbmU9MyZpbml0aWF0aW5nUGFydG5lcj00NDEmZm9ybWF0PWdpZiY
  • https://sync.crwdcntrl.net/map/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://sync.crwdcntrl.net/map/ct=y/c=13953/tp=IDFI/gdpr=1/gdpr_consent=?https://id5-sync.com/c/441/19/6/4.gif?puid=${profile_id}&gdpr=1&gdpr_consent=
  • https://id5-sync.com/c/441/19/6/4.gif?puid=692ae379967479d50e535a76ae029d4b&gdpr=1&gdpr_consent=
  • https://ads.creative-serving.com/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://ads.creative-serving.com/ul_cb/id5_cm?callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F101%2F5%2F5.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
  • https://id5-sync.com/c/441/101/5/5.gif?puid=46cf6519-8fd1-4a9d-a47a-b03ed1090b4f&gdpr=1&gdpr_consent=
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gdpr_con...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2922&partner_url=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F108%2F4%2F6.gif%3Fpuid%3D%24%7BTA_DEVICE_ID%7D%26gdpr%3D1%26gdpr_consent%3D&gdpr=1&gd...
  • https://id5-sync.com/c/441/108/4/6.gif?puid=503c55bd-cbe4-44eb-b954-a7638c0905bc&gdpr=1&gdpr_consent=
0
0

sd
eu-u.openx.net/w/1.0/ Frame 4B01
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22456114-b216-4200-9dcf-e8ea5ff4350b
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22456114-b216-4200-9dcf-e8ea5ff4350b
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 12 Aug 2021 05:30:21 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=22456114-b216-4200-9dcf-e8ea5ff4350b
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Aug 2021 05:30:20 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B01
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
43 B
122 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 4B01
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8268701735968554551
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8268701735968554551
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8268701735968554551
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 4B01
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=167147c9-0883-7a75-f3af-29694d03b16b&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 4B01
170 B
523 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2ExZTk0MDMtYzFmNC0yNGQxLWU2NGYtNzNkMDg3ZTE3ZjBi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 4B01
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 74CB
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a8a66114-b216-4600-8eb7-d3f32f273575
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a8a66114-b216-4600-8eb7-d3f32f273575
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 12 Aug 2021 05:30:21 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x16
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=a8a66114-b216-4600-8eb7-d3f32f273575
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Aug 2021 05:30:20 GMT
sd
us-u.openx.net/w/1.0/ Frame 74CB
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
  • https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=GBkroEwaKvIDSSnyGB83okhLIq0DSy73GR8ORh6Z
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame 74CB
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5749842285205543521
43 B
106 B
Image
General
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5749842285205543521
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5749842285205543521
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame 74CB
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=167147c9-0883-7a75-f3af-29694d03b16b&gdpr=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 74CB
170 B
232 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=M2ExZTk0MDMtYzFmNC0yNGQxLWU2NGYtNzNkMDg3ZTE3ZjBi
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 74CB
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
43 B
106 B
Image
General
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=244d878b-1cc7-43a5-9a4f-43a0e7f860dd&gdpr=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/16.213.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
OXGW/16.213.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
clear
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH_d28JKXnuN-3pbCSzians&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 8607
70 B
265 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame 8607
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 8607
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
date
Thu, 12 Aug 2021 05:31:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame 8607
42 B
466 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=12189579334791352893&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: 56EE39F543E84E46B7B13B9C102F3B50 Ref B: FRAEDGE1420 Ref C: 2021-08-12T05:31:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame 8607
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12189579334791352893?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-fV3Afo1E2oQrTcjix8MrhINLN.qTVGuaQzIks3n3qg--~A&dongle=0883
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-fV3Afo1E2oQrTcjix8MrhINLN.qTVGuaQzIks3n3qg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 12 Aug 2021 05:31:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-fV3Afo1E2oQrTcjix8MrhINLN.qTVGuaQzIks3n3qg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8607
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=5217591311189622766&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=5217591311189622766&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
8c9eb5ec-7c90-4225-9efe-7031b9453e41
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=5217591311189622766&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame 8607
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12189579334791352893
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
6PWAAF55YTVWX4NHAHYE
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame 8607
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame 8607
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12189579334791352893
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

setuid
ib.adnxs.com/prebid/ Frame 8607
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12189579334791352893
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

generic
match.adsrvr.org/track/cmf/ Frame A9F5
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuid
eb2.3lift.com/ Frame A9F5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESELHTymWOFlJ72dIr6QHGLyA&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
332
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame A9F5
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTIxODk1NzkzMzQ3OTEzNTI4OTM%3D
date
Thu, 12 Aug 2021 05:31:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
c.gif
c.bing.com/ Frame A9F5
42 B
246 B
Image
General
Full URL
https://c.bing.com/c.gif?xid=12189579334791352893&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
etag
"9d284f105d6fd71:0"
last-modified
Fri, 02 Jul 2021 16:12:32 GMT
x-msedge-ref
Ref A: 308BC266F8CE456D9ACB90DB3C3C32CE Ref B: FRAEDGE1420 Ref C: 2021-08-12T05:31:01Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
xuid
eb2.3lift.com/ Frame A9F5
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/12189579334791352893?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-LhVzfn9E2oSBLUWNmZMbZv5lqo43HsrU8RdknFj8vA--~A&dongle=0883
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LhVzfn9E2oSBLUWNmZMbZv5lqo43HsrU8RdknFj8vA--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Thu, 12 Aug 2021 05:31:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-LhVzfn9E2oSBLUWNmZMbZv5lqo43HsrU8RdknFj8vA--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A9F5
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Feb2.3lift.com%2Fxuid%3Fmid%3D3335%26xuid%3D%24UID%26dongle%3D4d58%26gdpr=1%26gdpr_consent=
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Feb2.3lift.com%252Fxuid%253Fmid%253D3335%2526xuid%253D%2524UID%2526dongle%253D4d58%2526gdpr%3D1%2526gdpr_consent%3D
  • https://eb2.3lift.com/xuid?mid=3335&xuid=7135838635284570558&dongle=4d58&gdpr=1&gdpr_consent=
37 B
353 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=3335&xuid=7135838635284570558&dongle=4d58&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0a329928-3b8c-4e72-8370-eee09a4c27d3
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://eb2.3lift.com/xuid?mid=3335&xuid=7135838635284570558&dongle=4d58&gdpr=1&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
iu3
s.amazon-adsystem.com/ Frame A9F5
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=12189579334791352893
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
0
0
Image
General
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
209.54.177.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
SFN92EG4SQ57G543ABK0
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=12189579334791352893&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
xuid
eb2.3lift.com/ Frame A9F5
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
setuid
ib.adnxs.com/prebid/ Frame A9F5
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift_native&gdpr=1&gdpr_consent=&uid=12189579334791352893
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

setuid
ib.adnxs.com/prebid/ Frame A9F5
0
0
Image
General
Full URL
https://ib.adnxs.com/prebid/setuid?bidder=triplelift&gdpr=1&gdpr_consent=&uid=12189579334791352893
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

usync.js
eus.rubiconproject.com/ Frame 5F63
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1

Request headers

Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:31:01 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25553
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Thu, 12 Aug 2021 12:36:54 GMT
bounce
ib.adnxs.com/ Frame F512
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
5b6c2dca-fde6-4652-b834-0fd1642f34ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
c9e87dc8-a612-4d05-8f72-a614d9f54795
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
ib.adnxs.com/ Frame 965C
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
803 B
Script
General
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
0d8aebe3-4297-41be-8035-12ab8efb50af
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
096efb34-58df-4644-8036-3b1cddfc4e43
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 5F63
70 B
264 B
Image
General
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.242.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
v1
ads.yahoo.com/cms/ Frame 5F63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KS8HGUSZ-B-JYH3&sigv=1&esig=2~790cdc58fd48216ddd8209b0d903114102e8b294
0
445 B
Image
General
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KS8HGUSZ-B-JYH3&sigv=1&esig=2~790cdc58fd48216ddd8209b0d903114102e8b294
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KS8HGUSZ-B-JYH3&sigv=1&esig=2~790cdc58fd48216ddd8209b0d903114102e8b294
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5F63
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a8a66114-b216-4600-8eb7-d3f32f273575
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a8a66114-b216-4600-8eb7-d3f32f273575
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

Date
Thu, 12 Aug 2021 05:30:22 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x25
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=a8a66114-b216-4600-8eb7-d3f32f273575
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Aug 2021 05:30:21 GMT
pixel
cm.g.doubleclick.net/ Frame 5F63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFmODZjNjUwZDgwNzE1ZGZiNTI4OTI2OGFiZWNlZmQyNGU5NTRjMg
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFmODZjNjUwZDgwNzE1ZGZiNTI4OTI2OGFiZWNlZmQyNGU5NTRjMg
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=ZjFmODZjNjUwZDgwNzE1ZGZiNTI4OTI2OGFiZWNlZmQyNGU5NTRjMg
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
pixel
cm.g.doubleclick.net/ Frame 5F63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M4SEdVU1otQi1KWUgz
170 B
188 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M4SEdVU1otQi1KWUgz
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1M4SEdVU1otQi1KWUgz
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
66ef90d06496cfd000aab8206f2b6221
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 5F63
0
66 B
Image
General
Full URL
https://id.rlcdn.com/709414.gif
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:03 GMT
via
1.1 google
alt-svc
clear
content-length
0
tap.php
pixel.rubiconproject.com/ Frame 5F63
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/nGq6-A1jLb-jVp_dwGHZBg?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1630162021251744290
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1630162021251744290
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

date
Thu, 12 Aug 2021 05:31:02 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=1630162021251744290
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
tap.php
pixel.rubiconproject.com/ Frame 5F63
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D
  • https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&_test=YRSyFwADtLyELAA4
  • https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRSyFwADtLyELAA4&_test=YRSyFwADtLyELAA4
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRSyFwADtLyELAA4&_test=YRSyFwADtLyELAA4
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
78e3bdce5107450057bade54d54a0a7e
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1628746263.394939,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YRSyFwADtLyELAA4&_test=YRSyFwADtLyELAA4
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
usync.html
eus.rubiconproject.com/ Frame 99CE
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==; ses2=; vis2=361740^1; ses15=; vis15=361740^1; khaos=KS8HGUSZ-B-JYH3; audit=1|hLZGFuTafB23Z0i1SyacCJqpp78UDnSwLdjvSH1/Z71e4ZptzlLxCwiT5hq+N+VPaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN; pux=1512%3D101790%262307%3D101790%262974%3D101790%263778%3D101790%26brx%3D101790%262249-DV360-Hosted%3D101790%26goog%3D101790%26idl%3D101790%26

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C844
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=43999
expires
Thu, 12 Aug 2021 17:44:21 GMT
date
Thu, 12 Aug 2021 05:31:02 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3C3C
995 B
1 KB
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7280709557202271541

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 12 Aug 2021 05:31:02 GMT
Age
8467600
X-Served-By
cache-lga21975-LGA, cache-fra19126-FRA
X-Cache
HIT, HIT
X-Cache-Hits
11367, 807
X-Timer
S1628746262.459129,VS0,VE0
Vary
Accept-Encoding
i.gif
e.serverbid.com/udb/9969/sync/ Frame 9AA0
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
h24k59b9sf4h1bdfudqmn9kljutc2sko
i.gif
e.serverbid.com/udb/9969/sync/ Frame 9AA0
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
fd160bd2-69c7-4368-b65d-8e99a17c70d7
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 9AA0
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP7d68f55d-fb2e-11eb-a2a4-069952163948
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d68f55d-fb2e-11eb-a2a4-069952163948
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d68f55d-fb2e-11eb-a2a4-069952163948
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
content-length
0

Redirect headers

Date
Thu, 12 Aug 2021 05:31:05 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d68f55d-fb2e-11eb-a2a4-069952163948
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame 9AA0
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGRtJR2S6K9qnaNd5YwAA%261145
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGRtJR2S6K9qnaNd5YwAA%261145
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGRtJR2S6K9qnaNd5YwAA%261145
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Thu, 12 Aug 2021 05:31:05 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 9AA0
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e2ac2ea0a6023cf1804d8a4d
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e2ac2ea0a6023cf1804d8a4d
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:09 GMT
content-length
0

Redirect headers

Date
Thu, 12 Aug 2021 05:31:09 GMT
Server
nginx
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e2ac2ea0a6023cf1804d8a4d
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usa
sync.go.sonobi.com/ Frame 9AA0
0
474 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
p.adsymptotic.com/d/px/ Frame 9AA0
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.7497890313207147%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
0
0
Image
General
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.100.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
cache-control
no-cache
content-length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame E465
Redirect Chain
  • https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D19%26userId%3D%24%7BUID%7D
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
content-length
0

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:01 GMT
via
1.1 google
server
Cowboy
access-control-allow-origin
null
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=19&userId=2fafc806-b11c-499c-9823-e97ccc5873e6
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
0
x-request-id
up6su9je17qhbspfjpk0p6bd3bm3dbdv
i.gif
e.serverbid.com/udb/9969/sync/ Frame E465
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D28%26userId%3D%24UID
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:02 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
a5a346e2-7432-46b7-afe9-71ddf49b4920
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=28&userId=7280709557202271541
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame E465
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP7d691c4f-fb2e-11eb-99fb-069fb351cf48
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d691c4f-fb2e-11eb-99fb-069fb351cf48
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d691c4f-fb2e-11eb-99fb-069fb351cf48
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
content-length
0

Redirect headers

Date
Thu, 12 Aug 2021 05:31:05 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP7d691c4f-fb2e-11eb-99fb-069fb351cf48
Connection
keep-alive
Content-Length
0
i.gif
e.serverbid.com/udb/9969/sync/ Frame E465
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D1%26userId%3D&C=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGR0kvKzH2S5.fi9BBwAA%261137
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGR0kvKzH2S5.fi9BBwAA%261137
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:05 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=1&userId=YRSyGR0kvKzH2S5.fi9BBwAA%261137
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
282
Expires
Thu, 12 Aug 2021 05:31:05 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame E465
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D24%26userId%3D%24UID&sovrn_retry=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e5e998a4b6df9061af3ae0bd
0
44 B
Image
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e5e998a4b6df9061af3ae0bd
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:09 GMT
content-length
0

Redirect headers

Date
Thu, 12 Aug 2021 05:31:09 GMT
Server
nginx
Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=24&userId=e5e998a4b6df9061af3ae0bd
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap3ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
0
usa
sync.go.sonobi.com/ Frame E465
0
478 B
Image
General
Full URL
https://sync.go.sonobi.com/usa?https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=38&userId=
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Madrid, Spain, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:09 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-129
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 78F7
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=17632&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
281 B
554 B
Document
General
Full URL
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host
eus.rubiconproject.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
rsid=1|AIfsdBUH+v3fWCPuzNowDE/csJlhOqmt0nZRUZWfOgh1poCfUm/pXMGaZ9WE5/rIRx3CvDzGDmXGQhinMyiRFxj1oVYGhl0PykR7JZeOex0hvG2vYKQxffShJKG3Nw==; ses2=; vis2=361740^1; ses15=; vis15=361740^1; khaos=KS8HGUSZ-B-JYH3; audit=1|hLZGFuTafB23Z0i1SyacCJqpp78UDnSwLdjvSH1/Z71e4ZptzlLxCwiT5hq+N+VPaNgdOVL2Yy93sD/dBAXvNNAPlTu0R9RN; pux=1512%3D101790%262307%3D101790%262974%3D101790%263778%3D101790%26brx%3D101790%262249-DV360-Hosted%3D101790%26goog%3D101790%26idl%3D101790%26

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 23 Feb 2021 20:47:52 GMT
ETag
"402b0-119-5bc0708346e00"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

Server
AkamaiGHost
Content-Length
0
Location
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Date
Thu, 12 Aug 2021 05:31:02 GMT
Connection
keep-alive
Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 659C
14 KB
5 KB
Document
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
2295c7a89c8ac4a19e2641283109be472d8f58bd78e42a38a0d16e34203e4bba

Request headers

:method
GET
:authority
ads.pubmatic.com
:scheme
https
:path
/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

last-modified
Tue, 15 Jun 2021 06:08:03 GMT
etag
"1300708-3945-5c4c7cc02bd56"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5054
content-type
text/html; charset=UTF-8
cache-control
max-age=43999
expires
Thu, 12 Aug 2021 17:44:21 GMT
date
Thu, 12 Aug 2021 05:31:02 GMT
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame ED2E
995 B
1 KB
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.13.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.13.10 /
Resource Hash
8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
uuid2=7280709557202271541

Response headers

Connection
keep-alive
Content-Length
506
Server
nginx/1.13.10
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Thu, 06 May 2021 05:24:22 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish, 1.1 varnish
Accept-Ranges
bytes
Date
Thu, 12 Aug 2021 05:31:02 GMT
Age
8467600
X-Served-By
cache-lga21975-LGA, cache-fra19126-FRA
X-Cache
HIT, HIT
X-Cache-Hits
11367, 808
X-Timer
S1628746263.510202,VS0,VE0
Vary
Accept-Encoding
ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
p.adsymptotic.com/d/px/ Frame E465
Redirect Chain
  • https://e.serverbid.com/udb/9969/match?redir=https://p.adsymptotic.com/d/px/?_pid=15964%26_rand=0.4457179237831399%26_psign=7af0e337a8b79b30c2c8126809252942%26_puuid=
  • https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
0
0
Image
General
Full URL
https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
Requested by
Host: serverbid-sync.nyc3.cdn.digitaloceanspaces.com
URL: https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/ss/2000248.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.100.194 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://serverbid-sync.nyc3.cdn.digitaloceanspaces.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

location
https://p.adsymptotic.com/d/px/ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762
cache-control
no-cache
content-length
0
async_usersync
secure.adnxs.com/ Frame 3C3C
0
731 B
Script
General
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
40fcf237-3842-40d5-8386-fd543dfe2aef
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
secure.adnxs.com/ Frame ED2E
0
731 B
Script
General
Full URL
https://secure.adnxs.com/async_usersync?cbfn=AN_async_load
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
06e60cd1-4ad4-4486-a60b-473f328948ee
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 99CE
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:31:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25552
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Thu, 12 Aug 2021 12:36:54 GMT
usync.js
eus.rubiconproject.com/ Frame 78F7
31 KB
10 KB
Script
General
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-109-78-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
b0a7438fc8cab82d754146a72ab30a81c3edece242c9e72effdea4128bd212e1

Request headers

Referer
https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 12 Aug 2021 05:31:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Jul 2021 17:07:27 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25552
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9360
Expires
Thu, 12 Aug 2021 12:36:54 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 99CE
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=17632&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.80 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
0228ab361cece0438ff9eb16e4e5890e
Content-Type
image/gif
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 78F7
0
239 B
Image
General
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=17632
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_GCM
Server
69.173.151.80 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
19ea072139d67f7022c6e463249c998e
Content-Type
image/gif
PugMaster
image6.pubmatic.com/AdServer/ Frame C844
6 KB
6 KB
Script
General
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=35957162&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c2d31208249367f54bd479cdc4000246b87603771157fbb4fd19123e437e24e5

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:31:02 GMT
async_usersync
ib.adnxs.com/ Frame F512
0
731 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
4dead642-fa62-4bd8-8056-ac285b4624bd
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 965C
0
731 B
Script
General
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.50 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
728.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.17.9 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
1056834c-8fcf-4135-8869-548d88193af6
Server
nginx/1.17.9
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
match
c1.adform.net/serving/cookie/ Frame 9793
35 B
468 B
Document
General
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
c1.adform.net
:scheme
https
:path
/serving/cookie/match?party=14&cid=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
C=1; uid=8268701735968554551

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:03 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, no-transform
pragma
no-cache
expires
-1
set-cookie
uid=8268701735968554551; expires=Mon, 11 Oct 2021 05:31:03 GMT; domain=adform.net; path=/; secure; samesite=none
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
strict-transport-security
max-age=31536000; includeSubDomains
pubmatic
d5p.de17a.com/getuid/ Frame F30A
35 B
134 B
Document
General
Full URL
https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
213.155.156.168 Uppsala, Sweden, ASN1299 (TELIANET Telia Carrier, SE),
Reverse DNS
213-155-156-168.teliacarrier-cust.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

:method
GET
:authority
d5p.de17a.com
:scheme
https
:path
/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-length
35
content-type
image/gif
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 5EA2
43 B
360 B
Document
General
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method
GET
:authority
dis.criteo.com
:scheme
https
:path
/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

cache-control
no-cache
pragma
no-cache
content-type
image/gif
expires
Thu, 12 Aug 2021 00:00:00 GMT
server
Microsoft-IIS/10.0
x-errorlevel
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1273
x-powered-by
ASP.NET
date
Thu, 12 Aug 2021 05:31:02 GMT
content-length
43
Pug
simage2.pubmatic.com/AdServer/ Frame D2CF
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6995411933071341714
42 B
520 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6995411933071341714
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6995411933071341714
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3; chkChromeAb67Sec=1; DPSync3=1629936000%3A197_219_201%7C1628812800%3A174; SyncRTB3=1629936000%3A21_234_13_54_8_165_176_220_161_3_81_55_88_230_204_7_56_71_22_99_231_166_189%7C1629331200%3A15_223_2_67%7C1631318400%3A203%7C1629590400%3A63%7C1630022400%3A35

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_1101=23040-6995411933071341714; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 05:31:06 GMT; path=/ PugT=1628746266; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 05:31:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 10-Nov-2021 05:31:06 GMT; path=/
x-lat
lhrpug008:0:413
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

Server
nginx
Date
Thu, 12 Aug 2021 05:31:03 GMT
Transfer-Encoding
chunked
Connection
keep-alive
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie
UserID1=6995411933071341714; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6995411933071341714
redir
rtb-csync.smartadserver.com/ Frame 827D
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCNXYwN0NLV1FBQUZsb3VOdU9tZw&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB5v07CKWQAAFlouNuOmg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
43 B
163 B
Document
General
Full URL
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB5v07CKWQAAFlouNuOmg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.89 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Host
rtb-csync.smartadserver.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
content-type
image/gif
transfer-encoding
chunked

Redirect headers

Date
Thu, 12 Aug 2021 05:31:06 GMT
location
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAB5v07CKWQAAFlouNuOmg&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
Content-Length
0
Connection
keep-alive
Pug
simage2.pubmatic.com/AdServer/ Frame E765
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
0
88 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3; chkChromeAb67Sec=1; DPSync3=1629936000%3A197_219_201%7C1628812800%3A174; SyncRTB3=1629936000%3A21_234_13_54_8_165_176_220_161_3_81_55_88_230_204_7_56_71_22_99_231_166_189%7C1629331200%3A15_223_2_67%7C1631318400%3A203%7C1629590400%3A63%7C1630022400%3A35

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:06 GMT
content-type
text/html; charset=utf-8
x-lat
lhrpug009:2:320
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private
content-encoding
gzip

Redirect headers

set-cookie
viewer_token=74962f41-d34f-46ab-b05b-6522da448b71; path=/; domain=csync.loopme.me; Expires=Sun, 12-Sep-2021 05:31:03 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length
0
date
Thu, 12 Aug 2021 05:31:03 GMT
server
_
Pug
simage2.pubmatic.com/AdServer/ Frame E87E
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=5819635973
  • https://sync.1rx.io/usersync/tradedesk/d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48
  • https://sync.targeting.unrulymedia.com/csync/RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003
42 B
346 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3; chkChromeAb67Sec=1; DPSync3=1629936000%3A197_219_201%7C1628812800%3A174; SyncRTB3=1629936000%3A21_234_13_54_8_165_176_220_161_3_81_55_88_230_204_7_56_71_22_99_231_166_189%7C1629331200%3A15_223_2_67%7C1631318400%3A203%7C1629590400%3A63%7C1630022400%3A35; KRTBCOOKIE_153=19420-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP&KRTB&22979-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP; PUBMDCID=3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7280709557202271541; KRTBCOOKIE_80=22987-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&16514-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&23025-CAESEGrnO-MNcGz2iMKsAbhrDsY; SPugT=1628746265; KRTBCOOKIE_409=22966-q2iV2DJwua4Cbk8F8XwmXTDr; PugT=1628746266; KRTBCOOKIE_1101=23040-6995411933071341714; KRTBCOOKIE_466=16530-b1a97c2c-ece5-4c2e-9953-d3d90341f8d8; KRTBCOOKIE_22=14911-2802036076063539463; KRTBCOOKIE_218=22978-YRSyFwADiZ7T3QAC&KRTB&23194-YRSyFwADiZ7T3QAC&KRTB&23209-YRSyFwADiZ7T3QAC&KRTB&23244-YRSyFwADiZ7T3QAC; KRTBCOOKIE_27=16735-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&16736-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&23019-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&23114-uid:a8a66114-b216-4600-8eb7-d3f32f273575; KRTBCOOKIE_377=6810-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48&KRTB&22918-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48&KRTB&23031-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48; KRTBCOOKIE_391=22924-8268701735968554551&KRTB&23263-8268701735968554551; KRTBCOOKIE_1074=22956-e_209115a7-4780-47b6-b5e2-fa15e7e1787f

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:10 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_594=17105-RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003&KRTB&17107-RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 10-Nov-2021 05:31:10 GMT; path=/ PugT=1628746270; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 05:31:10 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 10-Nov-2021 05:31:10 GMT; path=/
x-lat
lhrpug017:0:462
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
Tengine
date
Thu, 12 Aug 2021 05:31:10 GMT
content-type
text/html
set-cookie
_rxuuid=%7B%22rx_uuid%22%3A%22RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003%22%7D; path=/; expires=Fri, 12 Aug 2022 05:31:10 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-0ea0ee20-602f-4486-8077-c2bad2c143a5-003
etag
RX0ea0ee20602f44868077c2bad2c143a5003
dpe
ad4m.at/ad/ Frame 947B
42 B
974 B
Document
General
Full URL
https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3039::6815:c073 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method
GET
:authority
ad4m.at
:scheme
https
:path
/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

date
Thu, 12 Aug 2021 05:31:03 GMT
content-type
image/gif
content-length
42
report-to
{"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires
0
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy
block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy
same-origin
pragma
no-cache
surrogate-control
no-store
x-fastcgi-cache
BYPASS
x-backend-server
adsrv-7b12
via
1.1 google
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67d750b1186915e8-ARN
Pug
image2.pubmatic.com/AdServer/ Frame D9B3
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=q2iV2DJwua4Cbk8F8XwmXTDr
42 B
372 B
Document
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=q2iV2DJwua4Cbk8F8XwmXTDr
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

:method
GET
:authority
image2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=q2iV2DJwua4Cbk8F8XwmXTDr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3; chkChromeAb67Sec=1; DPSync3=1629936000%3A197_219_201%7C1628812800%3A174; SyncRTB3=1629936000%3A21_234_13_54_8_165_176_220_161_3_81_55_88_230_204_7_56_71_22_99_231_166_189%7C1629331200%3A15_223_2_67%7C1631318400%3A203%7C1629590400%3A63%7C1630022400%3A35; KRTBCOOKIE_153=19420-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP&KRTB&22979-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP; PugT=1628746264; PUBMDCID=3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7280709557202271541; KRTBCOOKIE_80=22987-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&16514-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&23025-CAESEGrnO-MNcGz2iMKsAbhrDsY; SPugT=1628746265

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:06 GMT
content-type
image/gif; charset=utf-8
content-length
42
set-cookie
KRTBCOOKIE_409=22966-q2iV2DJwua4Cbk8F8XwmXTDr; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 05:31:06 GMT; path=/ PugT=1628746266; domain=pubmatic.com; SameSite=None; secure; expires=Sat, 11-Sep-2021 05:31:06 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 10-Nov-2021 05:31:06 GMT; path=/
x-lat
lhrpug017:0:304
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

server
openresty
date
Thu, 12 Aug 2021 05:31:06 GMT
content-length
0
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
set-cookie
u=q2iV2DJwua4Cbk8F8XwmXTDr; Max-Age=31536000; Domain=.erne.co; Path=/; Secure; SameSite=None
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=q2iV2DJwua4Cbk8F8XwmXTDr
strict-transport-security
max-age=0; includeSubDomains;
bridge
cm.adgrx.com/ Frame 2968
43 B
408 B
Document
General
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host
cm.adgrx.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://ads.pubmatic.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US

Response headers

Date
Thu, 12 Aug 2021 05:31:10 GMT
Content-Type
image/gif
Content-Length
43
Connection
keep-alive
server
Cowboy
X-RealServer-NX
ams-delivery-3
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Pragma
no-cache
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Pug
simage2.pubmatic.com/AdServer/ Frame 5327
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=DSouyefzClMM&pid=557219
1 B
163 B
Document
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=DSouyefzClMM&pid=557219
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

:method
GET
:authority
simage2.pubmatic.com
:scheme
https
:path
/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=DSouyefzClMM&pid=557219
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
KADUSERCOOKIE=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3; chkChromeAb67Sec=1; DPSync3=1629936000%3A197_219_201%7C1628812800%3A174; SyncRTB3=1629936000%3A21_234_13_54_8_165_176_220_161_3_81_55_88_230_204_7_56_71_22_99_231_166_189%7C1629331200%3A15_223_2_67%7C1631318400%3A203%7C1629590400%3A63%7C1630022400%3A35; KRTBCOOKIE_153=19420-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP&KRTB&22979-zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP; PUBMDCID=3; KRTBCOOKIE_188=3189-no-consent; KRTBCOOKIE_57=22776-7280709557202271541; KRTBCOOKIE_80=22987-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&16514-CAESEGrnO-MNcGz2iMKsAbhrDsY&KRTB&23025-CAESEGrnO-MNcGz2iMKsAbhrDsY; SPugT=1628746265; KRTBCOOKIE_409=22966-q2iV2DJwua4Cbk8F8XwmXTDr; PugT=1628746266; KRTBCOOKIE_1101=23040-6995411933071341714; KRTBCOOKIE_466=16530-b1a97c2c-ece5-4c2e-9953-d3d90341f8d8; KRTBCOOKIE_22=14911-2802036076063539463; KRTBCOOKIE_218=22978-YRSyFwADiZ7T3QAC&KRTB&23194-YRSyFwADiZ7T3QAC&KRTB&23209-YRSyFwADiZ7T3QAC&KRTB&23244-YRSyFwADiZ7T3QAC; KRTBCOOKIE_27=16735-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&16736-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&23019-uid:a8a66114-b216-4600-8eb7-d3f32f273575&KRTB&23114-uid:a8a66114-b216-4600-8eb7-d3f32f273575; KRTBCOOKIE_377=6810-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48&KRTB&22918-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48&KRTB&23031-d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48; KRTBCOOKIE_391=22924-8268701735968554551&KRTB&23263-8268701735968554551; KRTBCOOKIE_1074=22956-e_209115a7-4780-47b6-b5e2-fa15e7e1787f

Response headers

server
nginx
date
Thu, 12 Aug 2021 05:31:10 GMT
content-type
text/html; charset=utf-8
content-length
1
set-cookie
PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 10-Nov-2021 05:31:10 GMT; path=/
x-lat
lhrpug001:0:369
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-store, no-cache, private

Redirect headers

p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server
bh-deployment-84459f4bbf-mxbgh
cache-control
private, max-age=0, no-cache, no-store
expires
-1
content-language
en-US
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=DSouyefzClMM&pid=557219
server
Jetty(9.4.14.v20181114)
strict-transport-security
max-age=15768000
set-cookie
INGRESSCOOKIE=e682dbb7d1672424; path=/; HttpOnly; Secure; SameSite=None
i.match
s.tribalfusion.com/z/ Frame 74EA
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
440 B
Document
General
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method
GET
:authority
s.tribalfusion.com
:scheme
https
:path
/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
ANON_ID=aMnoeUR3YWy7UXuTub7Q3bA9beNTEySaIUOAATbh

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
content-type
image/gif; charset=utf-8
content-length
43
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
302
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aNnseFyg6AarA7u8QGNxXsrZaTFnU4ppxjZcsrdNLTdQYHM72RXw3GtvZb76yeacSevlqZc3rP5kZah4K2CMCcGDP; path=/; domain=.tribalfusion.com; expires=Wed, 10-Nov-2021 05:31:03 GMT; SameSite=None; Secure; ANON_ID_old=aNnseFyg6AarA7u8QGNxXsrZaTFnU4ppxjZcsrdNLTdQYHM72RXw3GtvZb76yeacSevlqZc3rP5kZah4K2CMCcGDP; path=/; domain=.tribalfusion.com; expires=Wed, 10-Nov-2021 05:31:03 GMT;
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67d750b1c896fa18-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400

Redirect headers

date
Thu, 12 Aug 2021 05:31:03 GMT
content-type
text/html
p3p
CP="NOI DEVo TAIa OUR BUS"
x-function
206
x-reuse-index
2634
cache-control
no-cache private
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
set-cookie
ANON_ID=aMnoeUR3YWy7UXuTub7Q3bA9beNTEySaIUOAATbh; path=/; domain=.tribalfusion.com; expires=Wed, 10-Nov-2021 05:31:03 GMT; SameSite=None; Secure; ANON_ID_old=aMnoeUR3YWy7UXuTub7Q3bA9beNTEySaIUOAATbh; path=/; domain=.tribalfusion.com; expires=Wed, 10-Nov-2021 05:31:03 GMT;
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
67d750b0adf6fa18-AMS
alt-svc
h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
141
match.deepintent.com/usersync/ Frame 8740
0
44 B
Document
General
Full URL
https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
match.deepintent.com
:scheme
https
:path
/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US

Response headers

content-length
0
date
Thu, 12 Aug 2021 05:31:04 GMT
server
b
i.gif
e.serverbid.com/udb/9969/sync/ Frame 8C4B
0
44 B
Document
General
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=4&userId=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
134.209.129.254 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
e.serverbid.com
:scheme
https
:path
/udb/9969/sync/i.gif?partnerId=4&userId=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://ads.pubmatic.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
azk=ue1-sb1-1cd679e0-b266-4a2b-80db-f162c5621762

Response headers

content-length
0
date
Thu, 12 Aug 2021 05:31:02 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame C844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=MvC8DCdjT6-ch7Shn1Nx4w%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
14 KB
14 KB
Image
General
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:03 GMT
content-encoding
gzip
last-modified
Tue, 15 Jun 2021 06:08:03 GMT
server
Apache/2.2.15 (CentOS)
etag
"1300708-3945-5c4c7cc02bd56"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=43998
accept-ranges
bytes
content-type
text/html; charset=UTF-8
content-length
5054
expires
Thu, 12 Aug 2021 17:44:21 GMT

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8a66114-b216-4600-8eb7-d3f32f273575
0
128 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8a66114-b216-4600-8eb7-d3f32f273575
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 12 Aug 2021 05:30:23 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x28
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=a8a66114-b216-4600-8eb7-d3f32f273575
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Aug 2021 05:30:22 GMT
mw
mwzeom.zeotap.com/ Frame C844
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=692ae379967479d50e535a76ae029d4b
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1
  • https://pixel.onaudience.com/?partner=147&mapped=d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48&icm
  • https://spl.zeotap.com/?zdid=1332&zcluid=749a0b42e6d35195
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdf5c21-2b1e-403f-6b7a-d659d8e839f3&reqId=e4d5d1d4-d449-4975-5fdb-a8c642ed7c42&zclui...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESEMSHh9yiaFGJnhT-U6mRTSA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdf5c21-2b1e-403f-6b7a-d659d8e839f3&reqId=e4d5d1d4-d449-4975-5fdb-a8c...
95 B
164 B
Image
General
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESEMSHh9yiaFGJnhT-U6mRTSA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdf5c21-2b1e-403f-6b7a-d659d8e839f3&reqId=e4d5d1d4-d449-4975-5fdb-a8c642ed7c42&zcluid=749a0b42e6d35195&zdid=1332
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
67d750bd79ed0d4e-ARN
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:05 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://mwzeom.zeotap.com/mw?google_gid=CAESEMSHh9yiaFGJnhT-U6mRTSA&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=9cdf5c21-2b1e-403f-6b7a-d659d8e839f3&reqId=e4d5d1d4-d449-4975-5fdb-a8c642ed7c42&zcluid=749a0b42e6d35195&zdid=1332
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
469
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MzJGMEJDMEMtMjc2My00RkFGLTlDODctQjRBMTlGNTM3MUUz&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
42 B
111 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:436
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrnO-MNcGz2iMKsAbhrDsY&google_cver=1
42 B
281 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrnO-MNcGz2iMKsAbhrDsY&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:435
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEGrnO-MNcGz2iMKsAbhrDsY&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame C844
43 B
609 B
Image
General
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
159.253.128.188 Amsterdam, Netherlands, ASN36351 (SOFTLAYER, US),
Reverse DNS
bc.80.fd9f.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 11 Aug 2021 05:31:04 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a8a66114-b216-4600-8eb7-d3f32f273575&gdpr=0&gdpr_consent=
42 B
340 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a8a66114-b216-4600-8eb7-d3f32f273575&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug006:0:524
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 12 Aug 2021 05:30:23 GMT
Server
MT3 3831 a91c15f master cdg-pixel-x31
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:a8a66114-b216-4600-8eb7-d3f32f273575&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 12 Aug 2021 05:30:22 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8268701735968554551
42 B
235 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8268701735968554551
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug013:0:543
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=8268701735968554551
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48
42 B
292 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:481
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=d31170c9-dbb0-4d16-ad6c-fdcb20ff1c48
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
313
Pug
image2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7280709557202271541&gdpr=0&gdpr_consent=
42 B
209 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7280709557202271541&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug019:0:411
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma
no-cache
Date
Thu, 12 Aug 2021 05:31:03 GMT
X-Proxy-Origin
194.99.105.99; 194.99.105.99; 728.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid
84537902-6191-4cad-aa4d-5539cf540dca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=7280709557202271541&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
32F0BC0C-2763-4FAF-9C87-B4A19F5371E3
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame C844
43 B
203 B
Image
General
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/32F0BC0C-2763-4FAF-9C87-B4A19F5371E3?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1288:110:c305::8000 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:03 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
expires
Thu, 01 Jan 1970 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-E6EA00JE2uVT7j7h32akdBx4paybLNg-~A&gdpr=0&gdpr_consent=
0
260 B
Image
General
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-E6EA00JE2uVT7j7h32akdBx4paybLNg-~A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:03 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 12 Aug 2021 05:31:04 GMT
Server
ATS/7.1.2.128
Age
0
Strict-Transport-Security
max-age=31536000
P3P
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-E6EA00JE2uVT7j7h32akdBx4paybLNg-~A&gdpr=0&gdpr_consent=
Connection
keep-alive
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/ul_cb/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=1870471597376003085&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b1a97c2c-ece5-4c2e-9953-d3d90341f8d8&gdpr=&gdpr_consent=&gdpr_pd=
1 B
199 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b1a97c2c-ece5-4c2e-9953-d3d90341f8d8&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug011:0:400
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=b1a97c2c-ece5-4c2e-9953-d3d90341f8d8&gdpr=&gdpr_consent=&gdpr_pd=
date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP
42 B
581 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:362
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zhnezJoa357VSdyezh_Czp5L18HVS9ubzx_RV5bP
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802036076063539463&gdpr=0&gdpr_consent=&us_privacy=
1 B
168 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802036076063539463&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug014:0:383
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=2802036076063539463&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 12 Aug 2021 05:31:02 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRSyFwADiZ7T3QAC&gdpr=0&gdpr_consent=&_test=YRSyFwADiZ7T3QAC
1 B
238 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRSyFwADiZ7T3QAC&gdpr=0&gdpr_consent=&_test=YRSyFwADiZ7T3QAC
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug010:0:376
server
nginx
content-type
text/html; charset=utf-8
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
via
1.1 varnish
server
Varnish
x-timer
S1628746263.402678,VS0,VE0
x-served-by
cache-fra19129-FRA
x-cache
HIT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YRSyFwADiZ7T3QAC&gdpr=0&gdpr_consent=&_test=YRSyFwADiZ7T3QAC
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
current
pubmatic-match.dotomi.com/match/bounce/ Frame C844
0
104 B
Image
General
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=32F0BC0C-2763-4FAF-9C87-B4A19F5371E3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:13::1370 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:230cd2d3-1488-4a81-8676-8e7e0612cdd8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
110 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:230cd2d3-1488-4a81-8676-8e7e0612cdd8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:360
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:230cd2d3-1488-4a81-8676-8e7e0612cdd8&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 12 Aug 2021 05:31:04 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
image2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
42 B
203 B
Image
General
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:04 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug012:0:382
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:04 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7280709557202271541
0
0

Pug
simage2.pubmatic.com/AdServer/ Frame C844
Redirect Chain
  • https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_209115a7-4780-47b6-b5e2-fa15e7e1787f
42 B
224 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_209115a7-4780-47b6-b5e2-fa15e7e1787f
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:06 GMT
cache-control
no-store, no-cache, private
x-lat
lhrpug020:0:738
server
nginx
content-type
image/gif; charset=utf-8
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_209115a7-4780-47b6-b5e2-fa15e7e1787f
date
Thu, 12 Aug 2021 05:31:04 GMT
p3p
CP="This is not a P3P policy"
server
nginx
timing-allow-origin
*
content-length
0
content-language
en-US
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:03 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:31:03 GMT
st
capi.connatix.com/tr/ Frame B15F
0
293 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:31:03 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
SPug
simage4.pubmatic.com/AdServer/ Frame C844
0
128 B
Script
General
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&predirect=https%3A%2F%2Fe.serverbid.com%2Fudb%2F9969%2Fsync%2Fi.gif%3FpartnerId%3D4%26userId%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 12 Aug 2021 05:31:05 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
g
capi.connatix.com/rtb/ Frame B15F
130 B
415 B
XHR
General
Full URL
https://capi.connatix.com/rtb/g?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
39a476dc1f2864fe392a6c7adb5fb772306b7a2ad574cb75229e95fd1b862667

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:31:07 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
transfer-encoding
chunked
Connection
keep-alive
Access-Control-Allow-Credentials
true
pixel.gif
px.moatads.com/
43 B
260 B
Image
General
Full URL
https://px.moatads.com/pixel.gif?e=25&q=2&hp=1&zMoatAdUnit1=ssp.krtv&zMoatAdUnit2=inview-bottom&wf=1&ra=3&pxm=3&sgs=3&vb=4&kq=1&lo=1&uk=null&pk=1&wk=1&rk=1&tk=0&ak=https%3A%2F%2F9e10fba2caf64a2003141bd5460a3e52.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&i=CRACKED_SCRIPPS_DFP_PREBID_HEADER1&ol=0&qn=%604%7BZEYwoqI%24%5BK%2BdLLU)%2CMm~t8!Z.%5BMhS%3A15.sn_003etW6~P6Jn)s)wC%24GL3jX%7BQqDOJ%3Eoy)G3p%2FhFjrR8D4Sq_GVK61%5Dml%22ZzTm!ja8V%22%3BU%5DDTg%7Df%2FH%40%26%2Bc%5B5IUOG(%2CWV%7BGrV~1HmDkP8D4rUDtmxT%3Bwv%40V374BKm55%3D%261fp%5BoU5tWhX%3C%3Ce%24%26~1%3Axkr%2BUe31k5X%5BG%5E%5B)%2C2iVSX%3C_Y%7B!7IQ3HbmUZzCFm%5Du!x2l.uBlTVU%2F.%3Dh%3Ft%40yUtKC&tf=1_nMzjG---CSa7H-1SJH-bW7qhB-LRwqH-nMzjG-&vi=111111&rc=0%2C0%2C0%2C0%2C0%2C1%2C0%2C0%2Cprobably%2Cprobably&rb=1-shc9GZ%2BZ4OBI7PZR7NeP1dVlogBIfVcrVAZRAnlp9pAdeA81EcR7fkgw&sc=1&os=1-qg%3D%3D&qp=00000&is=BBBBB2BBEYBvGl2BBCBBtUTE1RmsqbKW8BsrBu0rCFE48CRBeeBS2hWTMBBQeQBBn2soYggyUig0CBlWZ0uBBCCCCCCOgRBBiOfnE6Bkg7OxBb8MxOtJYHCBdm5kBhBBC9Y8oBXckXBR76iUUsJBCBBBBBBBBBWBSqj3BBBZeGV2BBBCMciUBBBjgEBBBBBB94UMgTdJMtEcpMBBBQBBBniOccBBBBBB47kNBBBBBBBBBBBBBhcjG6BBJM2L4Bk8BwCBQmIoRBBCzBz1BBCTClBBrbBBC4ehueB57NG9aJfR0BqBBiuwBBBB&iv=8&qt=0&gz=0&hh=0&hn=0&tw=(Gm%2B%5Eh%3A)jA&qc=0&qd=0&qf=1600&qe=1200&qh=1600&qg=1200&qm=-120&qa=1600&qb=1200&qi=1600&qj=1200&to=000&po=1-0020002000002120&vy=&qr=0&url=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&pcode=crackedscrippsdfpprebidheader262014341684&ql=&qo=0&vf=1&vg=100&bq=11&zMoatpage=-&zMoatpos=above%2C1&zMoatpt=detail%2Cfalse&g=6&hq=0&hs=0&hu=0&hr=0&ht=0&dnt=0&h=90&w=728&rm=1&fy=436&gp=1105&zGSRS=1&zGSRC=1&gu=https%3A%2F%2Fwww.krtv.com%2Fnews%2Fnational%2Faccenture-restores-systems-following-reported-ransomware-attack&id=1&ii=4&f=0&j=&t=1628746255601&de=360691635100&rx=181927217430&cu=1628746255601&m=12352&ar=4790001-clean&iw=40ef2d8&cb=0&ll=2&lm=0&ln=0&gh=1&xx=undefined%3A871043678126&td=1&lk=1105&lb=3538&le=1&ch=
0&vv=1&vw=1%3A0%3A0&vp=100&vx=100%3A-%3A-&pe=1%3A753%3A753%3A3682%3A749&as=1&ag=10182&an=5368&gi=1&gf=10182&gg=5368&ix=10182&ic=10182&ez=1&ck=1153&kw=1003&aj=1&pg=100&pf=100&ib=1&cc=1&bw=10182&bx=5368&ci=1153&jz=1003&dj=1&im=1&in=1&pd=1&nb=1&em=0&en=0&st=1&su=1&of=1&oz=1&oe=0%3A0%3A0%3Anull%3A-1%3Anull%3A-1%3Anull%3A-1&bu=10032&cd=5218&ah=10032&am=5218&xd=00&rf=0&re=0&wb=2&cl=0&at=0&d=16839141%3A237842901%3A5250393788%3A138298488418&gw=crackedscrippsdfpprebidheader262014341684&zMoatOrigSlicer1=undefined&zMoatOrigSlicer2=undefined&hv=findIframeAds&ab=2&ac=1&fd=1&kt=strict&it=500&fz=1&oq=1&ot=ff&zMoatJS=3%3A-&tc=0&fs=193790&na=1991136276&cs=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-40.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://www.krtv.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 12 Aug 2021 05:31:07 GMT
last-modified
Fri, 20 May 2016 15:16:00 GMT
server
AkamaiNetStorage
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
accept-ranges
bytes
content-length
43
expires
Thu, 12 Aug 2021 05:31:07 GMT
st
capi.connatix.com/tr/ Frame B15F
0
293 B
XHR
General
Full URL
https://capi.connatix.com/tr/st?v=126004
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.22.136.188 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-22-136-188.us-east-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data

Response headers

Date
Thu, 12 Aug 2021 05:31:11 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
multipart/form-data
Access-Control-Allow-Origin
https://www.krtv.com
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
gu.dyntrk.com
URL
https://gu.dyntrk.com/adx/id5/us.php?dynk=id5&gdpr=1&gdpr_consent=&callback=https%3A%2F%2Fid5-sync.com%2Fc%2F441%2F118%2F3%2F7.gif%3Fpuid%3D%5BUID%5D%26gdpr%3D1%26gdpr_consent%3D
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/108/4/6.gif?puid=503c55bd-cbe4-44eb-b954-a7638c0905bc&gdpr=1&gdpr_consent=
Domain
id5-sync.com
URL
https://id5-sync.com/c/441/108/4/6.gif?puid=503c55bd-cbe4-44eb-b954-a7638c0905bc&gdpr=1&gdpr_consent=
Domain
simage2.pubmatic.com
URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=7280709557202271541

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.


17 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: DSID
Value: NO_DATA
.doubleclick.net/ Name: IDE
Value: AHWqTUn1gIaz7GDwVuVtXZ6vgymorpsfmEzH3_xqw_tAn6fGC9sy7iAhW8V8WX-Rfyc
.krtv.com/ Name: pbjs_pubcommonID
Value: c5dd7890-a104-4582-a979-e18129248296
www.krtv.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.krtv.com/ Name: mnet_session_depth
Value: 1%7C1628746256221
.krtv.com/ Name: _gcl_au
Value: 1.1.1047019986.1628746255
.krtv.com/ Name: _ga
Value: GA1.2.1106780276.1628746255
.krtv.com/ Name: __qca
Value: P0-558986191-1628746255664
.krtv.com/news/national Name: _dlt
Value: 1
www.krtv.com/ Name: JSESSIONID
Value: EB32C9A87E0ADF7396D4FE98531F2592
.krtv.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=09c81f702306ab799c27fc78496e749a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1628746255683}
.krtv.com/ Name: _dc_gtm_UA-29521121-4
Value: 1
.krtv.com/ Name: __gads
Value: ID=42ec43241a72ddc4:T=1628746256:S=ALNI_MYDAjAVRyUZF2ZwA-XfdzKbsTByvw
.krtv.com/ Name: _dc_gtm_UA-40066851-1
Value: 1
.krtv.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://www.krtv.com/news/national/accenture-restores-systems-following-reported-ransomware-attack%22%2C%22sref%22:%22%22%2C%22sts%22:1628746255683%2C%22slts%22:0}
.krtv.com/ Name: _dc_gtm_UA-10036014-7
Value: 1
.krtv.com/ Name: _gid
Value: GA1.2.1564097119.1628746255

26 Console Messages

Source Level URL
Text
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 10)
Message:
we are running the javascript modules
console-api warning URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js(Line 5)
Message:
fun-hooks: referenced 'registerAdserver' but it was never created
console-api warning URL: https://ads.rubiconproject.com/prebid/5776_Scripps_Local_Stations.js(Line 5)
Message:
fun-hooks: referenced 'adpod' but it was never created
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
starting the state machine
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
gooooood
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
returning data
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
returning data
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
returning data
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
returning data
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 9)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
[object Object]
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
the end of fetchschedules
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
STATE ISlive
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
WE ARE TOGGLING LIVE
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
TOGGLING ELEMENTS
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
TOGGLING ELEMENTS
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
REMOVING HIDDENhttps://www.krtv.com/live
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
REMOVING HIDDENhttps://www.krtv.com/live
console-api log URL: https://ewscripps.brightspotcdn.com/resource/0000017a-a079-deca-affa-e67d326f0000/styleguide/All.min.16f3eda5f509cd80c92941c92c424b30.gz.js(Line 7)
Message:
REMOVING HIDDENhttps://www.krtv.com/live

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
