www.fox13now.com Open in urlscan Pro
13.32.99.93 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo...
Effective URL:
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Submission Tags: falconsandbox
Submission: On February 25 via api (February 25th 2023, 12:10:58 am UTC) from US — Scanned from DE

Summary HTTP 327 Redirects Links 27 Behaviour Indicators

Summary

This website contacted 81 IPs in 11 countries across 62 domains to perform 327 HTTP transactions. The main IP is 13.32.99.93, located in United States and belongs to AMAZON-02, US. The main domain is www.fox13now.com. The Cisco Umbrella rank of the primary domain is 249526.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 20th 2022. Valid for: a year.

This is the only time www.fox13now.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	167.89.115.120 167.89.115.120	11377 (SENDGRID) (SENDGRID)
6	13.32.99.93 13.32.99.93	16509 (AMAZON-02) (AMAZON-02)
7	65.9.66.23 65.9.66.23	16509 (AMAZON-02) (AMAZON-02)
3	2600:9000:223... 2600:9000:223e:c000:13:a391:88c0:21	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6813:bc61	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a02:26f0:350... 2a02:26f0:3500:16::215:14a0	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
42	2.18.37.67 2.18.37.67	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.66.122.56 18.66.122.56	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:303... 2606:4700:3032::ac43:cb69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:2b9e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.222.209.55 52.222.209.55	16509 (AMAZON-02) (AMAZON-02)
1	23.35.228.23 23.35.228.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:1495	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	34.160.158.95 34.160.158.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	65.9.61.60 65.9.61.60	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.22.41 104.18.22.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	23.203.124.21 23.203.124.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	65.9.66.75 65.9.66.75	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:20:... 2606:4700:20::681a:68b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	54.83.185.72 54.83.185.72	14618 (AMAZON-AES) (AMAZON-AES)
5	23.203.125.156 23.203.125.156	16625 (AKAMAI-AS) (AKAMAI-AS)
5	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	13.32.99.90 13.32.99.90	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1a00:10:618e:d880:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700:20:... 2606:4700:20::681a:246	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.102 142.250.185.102	15169 (GOOGLE) (GOOGLE)
1	52.17.99.225 52.17.99.225	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:1c00:1a:ba5c:3900:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
2	130.211.23.194 130.211.23.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:402... 2a00:1450:4025:401::9b	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
24	64.202.112.95 64.202.112.95	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
8	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
5	52.15.102.142 52.15.102.142	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
9	104.18.23.41 104.18.23.41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.71.208 65.9.71.208	16509 (AMAZON-02) (AMAZON-02)
3	34.107.148.139 34.107.148.139	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.156.32.230 35.156.32.230	16509 (AMAZON-02) (AMAZON-02)
18	54.86.73.72 54.86.73.72	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:806::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
38	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	185.170.62.108 185.170.62.108	27381 (CASALE-MEDIA) (CASALE-MEDIA)
10	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80a::2003	15169 (GOOGLE) (GOOGLE)
1 2	104.18.25.185 104.18.25.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
4 5	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
1 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.46.130.91 52.46.130.91	16509 (AMAZON-02) (AMAZON-02)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	2a05:d018:cc3... 2a05:d018:cc3:fe04:4794:ab03:2c09:5455	16509 (AMAZON-02) (AMAZON-02)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	104.18.10.47 104.18.10.47	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
3 3	3.125.185.236 3.125.185.236	16509 (AMAZON-02) (AMAZON-02)
3 3	52.29.114.79 52.29.114.79	16509 (AMAZON-02) (AMAZON-02)
1 3	54.170.158.38 54.170.158.38	16509 (AMAZON-02) (AMAZON-02)
3 3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	37.157.6.247 37.157.6.247	198622 (ADFORM) (ADFORM)
2	52.58.53.4 52.58.53.4	16509 (AMAZON-02) (AMAZON-02)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
3	23.35.236.201 23.35.236.201	16625 (AKAMAI-AS) (AKAMAI-AS)
3 3	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 4	37.157.5.141 37.157.5.141	198622 (ADFORM) (ADFORM)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
5	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	141.94.171.215 141.94.171.215	16276 (OVH) (OVH)
2 2	35.201.96.126 35.201.96.126	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	185.64.189.229 185.64.189.229	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a05:d018:d29... 2a05:d018:d29:3602:81a6:56d8:c5db:8c4d	16509 (AMAZON-02) (AMAZON-02)
2 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	198.47.127.20 198.47.127.20	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	104.18.24.185 104.18.24.185	13335 (CLOUDFLAR...) (CLOUDFLARENET)
327	81

1 167.89.115.120 (Herndon, United States) 1 redirects

ASN11377 (SENDGRID, US)
PTR: o16789115x120.outbound-mail.sendgrid.net

click.oi.com.br	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 13.32.99.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-93.fra60.r.cloudfront.net

www.fox13now.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 65.9.66.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-23.fra56.r.cloudfront.net

ewscripps.brightspotcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223e:c000:13:a391:88c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3plfjw9uod7ab.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:bc61 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.cookielaw.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:3500:16::215:14a0 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 2.18.37.67 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-37-67.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.122.56 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-56.fra60.r.cloudfront.net

assets.scrippsdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3032::ac43:cb69 (United States)

ASN13335 (CLOUDFLARENET, US)

analyticssystems.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:2b9e (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.209.55 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-209-55.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.228.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-228-23.deploy.static.akamaitechnologies.com

warp.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:1495 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.160.158.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.158.160.34.bc.googleusercontent.com

aswpsdkus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.61.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-61-60.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.22.41 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.66.137 (United States)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.124.21 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-124-21.deploy.static.akamaitechnologies.com

hbx.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.66.75 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-75.fra56.r.cloudfront.net

api.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:68b (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.83.185.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-185-72.compute-1.amazonaws.com

prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.203.125.156 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-156.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-90.fra60.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1a00:10:618e:d880:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.ewscloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)

ad-delivery.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.99.225 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:1c00:1a:ba5c:3900:93a1 (United States)

ASN16509 (AMAZON-02, US)

rock.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

flint.defybrick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com

api.btloader.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4025:401::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 64.202.112.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
amplify-imp.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
b1t-nydc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.15.102.142 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-15-102-142.us-east-2.compute.amazonaws.com

capi-tier-2-us-east-2.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.18.23.41 (None, )

ASN13335 (CLOUDFLARENET, US)

vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.71.208 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-71-208.fra56.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.107.148.139 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 139.148.107.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.32.230 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-32-230.eu-central-1.compute.amazonaws.com

grid.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 54.86.73.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-86-73-72.compute-1.amazonaws.com

bidder.newspassid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.170.62.108 (Canada)

ASN27381 (CASALE-MEDIA, CA)

a5086.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80a::2003 (Ireland)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.25.185 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.180.194 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.46.130.91 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:cc3:fe04:4794:ab03:2c09:5455 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.125.185.236 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-185-236.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.114.79 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-114-79.eu-central-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.170.158.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.247 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.53.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-53-4.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.35.236.201 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-201.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.149 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.5.141 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.168 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-168.teliacarrier-cust.com

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.215 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: pikafka-eu-9.cloudy.ovh

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.96.126 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 126.96.201.35.bc.googleusercontent.com

visitor.fiftyt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.229 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

aud.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:81a6:56d8:c5db:8c4d (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.47.127.20 (United States)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.24.185 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1404 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3312 odb.outbrain.com — Cisco Umbrella Rank: 1596 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 6045 mv.outbrain.com — Cisco Umbrella Rank: 2946 amplify-imp.outbrain.com — Cisco Umbrella Rank: 4634	169 KB
51	googlesyndication.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 140 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102	291 KB
25	doubleclick.net 4 redirects ad.doubleclick.net — Cisco Umbrella Rank: 171 stats.g.doubleclick.net — Cisco Umbrella Rank: 77 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 202	259 KB
25	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 2942 cds.connatix.com — Cisco Umbrella Rank: 3010 capi.connatix.com — Cisco Umbrella Rank: 3072 capi-tier-2-us-east-2.connatix.com — Cisco Umbrella Rank: 4495 vid.connatix.com — Cisco Umbrella Rank: 3664 img.connatix.com — Cisco Umbrella Rank: 3549	486 KB
18	newspassid.com bidder.newspassid.com — Cisco Umbrella Rank: 21128	40 KB
13	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 9335 log.outbrainimg.com — Cisco Umbrella Rank: 2582 zem.outbrainimg.com — Cisco Umbrella Rank: 2756 images.outbrainimg.com — Cisco Umbrella Rank: 2329	145 KB
12	pubmatic.com ads.pubmatic.com — Cisco Umbrella Rank: 457 image6.pubmatic.com — Cisco Umbrella Rank: 725 simage2.pubmatic.com — Cisco Umbrella Rank: 668 image2.pubmatic.com — Cisco Umbrella Rank: 846 aud.pubmatic.com — Cisco Umbrella Rank: 4167 image4.pubmatic.com — Cisco Umbrella Rank: 938 simage4.pubmatic.com	32 KB
12	zemanta.com b1-nydc1.zemanta.com — Cisco Umbrella Rank: 5135 b1t-nydc1.zemanta.com — Cisco Umbrella Rank: 4661	1 KB
9	casalemedia.com 4 redirects a5086.casalemedia.com — Cisco Umbrella Rank: 274242 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 431 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 531 ssum.casalemedia.com — Cisco Umbrella Rank: 1316	6 KB
8	google.com 3 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	1 KB
8	amazon-adsystem.com 1 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 282 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 476 s.amazon-adsystem.com — Cisco Umbrella Rank: 267	53 KB
7	brightspotcdn.com ewscripps.brightspotcdn.com — Cisco Umbrella Rank: 28132	375 KB
6	adform.net 3 redirects cm.adform.net — Cisco Umbrella Rank: 1244 c1.adform.net — Cisco Umbrella Rank: 590	2 KB
6	typekit.net use.typekit.net — Cisco Umbrella Rank: 440 p.typekit.net — Cisco Umbrella Rank: 568	69 KB
6	fox13now.com www.fox13now.com — Cisco Umbrella Rank: 249526	347 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 391	110 KB
5	bidswitch.net 3 redirects grid.bidswitch.net — Cisco Umbrella Rank: 874 x.bidswitch.net — Cisco Umbrella Rank: 277	2 KB
5	googleapis.com imasdk.googleapis.com — Cisco Umbrella Rank: 442 fonts.googleapis.com — Cisco Umbrella Rank: 36	789 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	21 KB
5	media.net warp.media.net — Cisco Umbrella Rank: 2437 hbx.media.net — Cisco Umbrella Rank: 1383 prebid.media.net — Cisco Umbrella Rank: 1219	154 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 183	172 KB
4	btloader.com 1 redirects btloader.com — Cisco Umbrella Rank: 795 api.btloader.com — Cisco Umbrella Rank: 895	8 KB
3	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439 ups.analytics.yahoo.com — Cisco Umbrella Rank: 265	1 KB
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 203	3 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 338	1 KB
3	openx.net 3 redirects rtb.openx.net — Cisco Umbrella Rank: 1367	693 B
3	avct.cloud 1 redirects ads.avct.cloud — Cisco Umbrella Rank: 3607	535 B
3	360yield.com 3 redirects ad2.360yield.com — Cisco Umbrella Rank: 15181	905 B
3	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 296	793 B
3	defybrick.com rock.defybrick.com — Cisco Umbrella Rank: 9500 flint.defybrick.com — Cisco Umbrella Rank: 9116	20 KB
3	ewscloud.com api.ewscloud.com — Cisco Umbrella Rank: 37054 static.ewscloud.com — Cisco Umbrella Rank: 45362	11 KB
3	analyticssystems.net analyticssystems.net — Cisco Umbrella Rank: 9939	1 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 856	132 KB
3	cookielaw.org cdn.cookielaw.org — Cisco Umbrella Rank: 372	15 KB
3	cloudfront.net d3plfjw9uod7ab.cloudfront.net	63 KB
2	fiftyt.com 2 redirects visitor.fiftyt.com — Cisco Umbrella Rank: 3661	1 KB
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4426	560 B
2	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 313	478 B
2	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 518	69 B
2	lijit.com ap.lijit.com — Cisco Umbrella Rank: 589	554 B
2	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	939 B
2	ad-delivery.net ad-delivery.net — Cisco Umbrella Rank: 902	1 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 152	2 KB
2	amazon.dev prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 673	453 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2681 p1.parsely.com — Cisco Umbrella Rank: 2081	24 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	87 KB
1	simpli.fi um.simpli.fi — Cisco Umbrella Rank: 730	612 B
1	onaudience.com 1 redirects pixel.onaudience.com — Cisco Umbrella Rank: 2072	419 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 686	363 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 459	725 B
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 608	352 B
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 770	759 B
1	adroll.com d.adroll.com — Cisco Umbrella Rank: 1452	181 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 930	99 B
1	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 755	425 B
1	gstatic.com fonts.gstatic.com	28 KB
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	17 KB
1	aswpsdkus.com aswpsdkus.com — Cisco Umbrella Rank: 5863	42 KB
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 603	252 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	48 KB
1	scrippsdigital.com assets.scrippsdigital.com — Cisco Umbrella Rank: 36792	4 KB
1	oi.com.br 1 redirects click.oi.com.br	292 B
327	62

	Domain	Requested by
41	widgets.outbrain.com	www.fox13now.com d3plfjw9uod7ab.cloudfront.net widgets.outbrain.com
38	tpc.googlesyndication.com	www.fox13now.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
18	bidder.newspassid.com	warp.media.net bidder.newspassid.com
10	pagead2.googlesyndication.com	e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net www.googletagservices.com
9	vid.connatix.com	cd.connatix.com www.fox13now.com
8	googleads.g.doubleclick.net	www.fox13now.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
8	securepubads.g.doubleclick.net	d3plfjw9uod7ab.cloudfront.net www.googletagservices.com securepubads.g.doubleclick.net www.fox13now.com
7	www.google.com	3 redirects www.fox13now.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com googleads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
7	ewscripps.brightspotcdn.com	www.fox13now.com
6	b1t-nydc1.zemanta.com	widgets.outbrain.com
6	b1-nydc1.zemanta.com	widgets.outbrain.com
6	amplify-imp.outbrain.com	widgets.outbrain.com
6	zem.outbrainimg.com	www.fox13now.com
6	img.connatix.com	www.fox13now.com
6	www.fox13now.com	www.fox13now.com ewscripps.brightspotcdn.com
5	cm.g.doubleclick.net	4 redirects ssum-sec.casalemedia.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	capi-tier-2-us-east-2.connatix.com	cd.connatix.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fox13now.com
5	use.typekit.net	www.fox13now.com use.typekit.net
4	c1.adform.net	3 redirects ads.pubmatic.com
4	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
4	images.outbrainimg.com	www.fox13now.com
4	mcdp-nydc1.outbrain.com	widgets.outbrain.com
4	imasdk.googleapis.com	cd.connatix.com imasdk.googleapis.com
4	www.googletagservices.com	warp.media.net e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com googleads.g.doubleclick.net
3	image2.pubmatic.com	ads.pubmatic.com
3	ib.adnxs.com	3 redirects
3	ads.pubmatic.com	bidder.newspassid.com
3	eb2.3lift.com	3 redirects
3	rtb.openx.net	3 redirects
3	ads.avct.cloud	1 redirects
3	ad2.360yield.com	3 redirects
3	x.bidswitch.net	3 redirects
3	match.adsrvr.org	ssum-sec.casalemedia.com
3	e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com	securepubads.g.doubleclick.net d3plfjw9uod7ab.cloudfront.net
3	prebid.media.net	warp.media.net
3	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
3	stats.g.doubleclick.net	www.google-analytics.com
3	cds.connatix.com	www.fox13now.com cd.connatix.com d3plfjw9uod7ab.cloudfront.net
3	c.amazon-adsystem.com	www.fox13now.com c.amazon-adsystem.com
3	analyticssystems.net	www.fox13now.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
3	use.fontawesome.com	www.fox13now.com use.fontawesome.com
3	cdn.cookielaw.org	www.fox13now.com cdn.cookielaw.org
3	d3plfjw9uod7ab.cloudfront.net	www.fox13now.com e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
2	ssum.casalemedia.com	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	visitor.fiftyt.com	2 redirects
2	d5p.de17a.com	2 redirects
2	simage2.pubmatic.com	ads.pubmatic.com
2	pixel.rubiconproject.com
2	match.sharethrough.com
2	cm.adform.net	bidder.newspassid.com
2	ap.lijit.com
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	1 redirects e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
2	grid.bidswitch.net	warp.media.net
2	log.outbrainimg.com	widgets.outbrain.com
2	api.btloader.com	btloader.com
2	flint.defybrick.com	d3plfjw9uod7ab.cloudfront.net www.fox13now.com
2	ad-delivery.net	www.fox13now.com
2	sb.scorecardresearch.com	www.fox13now.com
2	prod.us-east-1.cxm-bcn.publisher-services.amazon.dev	c.amazon-adsystem.com
2	btloader.com	1 redirects www.fox13now.com
2	api.ewscloud.com	ewscripps.brightspotcdn.com
2	connect.facebook.net	www.fox13now.com connect.facebook.net
1	simage4.pubmatic.com	ads.pubmatic.com
1	image4.pubmatic.com
1	pr-bh.ybp.yahoo.com
1	um.simpli.fi
1	aud.pubmatic.com
1	pixel.onaudience.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	sync.mathtag.com	1 redirects
1	image6.pubmatic.com	ads.pubmatic.com
1	js-sec.indexww.com	ssum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	d.adroll.com	ssum-sec.casalemedia.com
1	sync.taboola.com	ssum-sec.casalemedia.com
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	a5086.casalemedia.com	e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
1	fonts.googleapis.com	securepubads.g.doubleclick.net
1	adservice.google.com	d3plfjw9uod7ab.cloudfront.net
1	adservice.google.de	d3plfjw9uod7ab.cloudfront.net
1	s0.2mdn.net	imasdk.googleapis.com
1	mv.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	odb.outbrain.com	d3plfjw9uod7ab.cloudfront.net
1	capi.connatix.com	cd.connatix.com
1	www.google.de	www.fox13now.com
1	rock.defybrick.com	d3plfjw9uod7ab.cloudfront.net
1	p1.parsely.com	www.fox13now.com
1	ad.doubleclick.net	www.fox13now.com
1	static.ewscloud.com	www.fox13now.com
1	widget-pixels.outbrain.com	www.fox13now.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	hbx.media.net	warp.media.net
1	cd.connatix.com	1 redirects
1	cdn.parsely.com	www.fox13now.com
1	aswpsdkus.com	d3plfjw9uod7ab.cloudfront.net
1	p.typekit.net	use.typekit.net
1	warp.media.net	d3plfjw9uod7ab.cloudfront.net
1	geolocation.onetrust.com	cdn.cookielaw.org
1	www.googletagmanager.com	www.fox13now.com
1	assets.scrippsdigital.com	www.fox13now.com
1	click.oi.com.br	1 redirects
327	106

This site contains links to these domains. Also see Links.

Domain
scripps.wd5.myworkdayjobs.com
www.facebook.com
twitter.com
givingpledge.org
x-default-stgec.uplynk.com
www.outbrain.com
r1-usc1.zemanta.com
www.clicktraceclick.com
support.fox13now.com
publicfiles.fcc.gov
www.instagram.com
scripps.com

Subject Issuer	Validity	Valid
*.scrippsnationalnews.com Amazon RSA 2048 M02	`2022-12-20` - `2024-01-18`	a year	crt.sh
ewscripps.brightspotcdn.com Amazon	`2022-04-30` - `2023-05-29`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cookielaw.org Cloudflare Inc ECC CA-3	`2022-05-01` - `2023-05-01`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-09` - `2024-02-11`	a year	crt.sh
*.scrippsdigital.com Amazon	`2022-07-09` - `2023-08-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-04`	2 months	crt.sh
aswpsdkus.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-06` - `2024-02-08`	a year	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
*.ewscloud.com Amazon RSA 2048 M02	`2023-02-22` - `2023-10-13`	8 months	crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev Amazon RSA 2048 M02	`2022-12-27` - `2024-01-25`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
rock.defybrick.com Amazon RSA 2048 M01	`2023-02-21` - `2023-06-07`	4 months	crt.sh
*.defybrick.com ZeroSSL ECC Domain Secure Site CA	`2023-01-16` - `2023-04-16`	3 months	crt.sh
api.btloader.com GTS CA 1D4	`2023-02-16` - `2023-05-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-05` - `2023-05-04`	a year	crt.sh
bidder.newspassid.com Amazon	`2022-03-14` - `2023-04-11`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
casalemedia.com Go Daddy Secure Certificate Authority - G2	`2022-12-13` - `2024-01-13`	a year	crt.sh
*.zemanta.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-16` - `2023-09-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
d.adroll.com Amazon RSA 2048 M01	`2022-11-08` - `2023-12-07`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.avct.cloud R3	`2022-12-31` - `2023-03-31`	3 months	crt.sh
*.sharethrough.com Amazon RSA 2048 M02	`2023-02-10` - `2023-08-12`	6 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-25` - `2024-01-24`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-04` - `2023-03-31`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-05-03`	6 months	crt.sh

This page contains 44 frames:

Primary Page: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Frame ID: 19211223018B4CC8E149473F83915E95
Requests: 124 HTTP requests in this frame

Frame: https://cds.connatix.com/p/233833/connatix.playspace.dc.js?tier=1
Frame ID: 3A0B4FBAF9A79261446A65048B1BB6D2
Requests: 11 HTTP requests in this frame

Frame: https://hbx.media.net/checksync.php?cid=8CU2N1270&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1
Frame ID: EAB01D0656ED198DC5CBAB779B16748B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: 1504B25E8C65D5711C5541743007F3B5
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: 28B9CE4909C2B686A834676FEFC9AB52
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html
Frame ID: BA3503DC3B95ACDBAF440F4F10DFD822
Requests: 1 HTTP requests in this frame

Frame: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 817647074AA75C66441CADC871CF3CB9
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F02E0D911C5188F0C1EF3387EE12B4E1
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 2BC43D494F8CAB42ABECC1891D9E7E11
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F8E069C0F4F71B1B840C7277F223017D
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B38F78EB05C5FF456629572C40F13E17
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: EE9A4D7E0559C0067C49ACC3E279C897
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: F4D0A97CC6B8DA40C75991547E3B65FF
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 932999AAB49B9E04CF2DF2674768C6C4
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: E0B645573853063A1AA0A5318C570574
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: D02CD2542875660EC52EAB5C2127DB1A
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 40CE1DE3E1AECE223ADADC3BD631CD37
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: B0111D5FE285E8083BDDF3754EB32185
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 07D88679555AECA6E1CAF86F00DB4AB9
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 4DAEA70C8110EFAD0A8A5AF09BA7992A
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: E16B3CA5E8D9614B627B8D55AF3E3B42
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: AF5DD360C233A3486B2CAE043DB73F5E
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 955DB9BDBCDB81DAE339C73F459891B0
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 8B638F08E15381BE22097490EBD5F932
Requests: 3 HTTP requests in this frame

Frame: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Frame ID: 7E844EE50D05914056ACF2E9F8A9FD36
Requests: 3 HTTP requests in this frame

Frame: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 3DD133378F148C216E253D18B17A1072
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs
Frame ID: 1D86E1804E07A5323DD1588F67DEFE12
Requests: 13 HTTP requests in this frame

Frame: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 2E87D237FCFDBFBAA875BCEE51414CFB
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg
Frame ID: 85D3E6182BA2DEFBB8FD8762168BB5D7
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486
Frame ID: 2AADAAEA0B7E9F983D89F6059E766803
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 43F7D297540C4D3C3FF5222E7EB89637
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Frame ID: 4447CACB46F1A7E3D7865C3FF1D22F0E
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: C007A1F12C47441BF1A50F377384F557
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js
Frame ID: 9987C2727B38A63688CEEA940087C88E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 9D50C6FFC20B62EA21E8EC243C489506
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B2DD4293407DAA519D9A6E76AB56EB3A
Requests: 2 HTTP requests in this frame

Frame: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
Frame ID: 458C33C3E52691BA5E0D00B8529568A0
Requests: 13 HTTP requests in this frame

Frame: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851669&bidder=newspassid
Frame ID: 089D950052CE5019685CC05DBF1A3898
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Frame ID: 53A947C198C1908B11A40CEAF31C642B
Requests: 13 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=
Frame ID: EB1051E60375AF7D65151847172288E4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b74063f9-5211-4000-9586-efffbc006724&gdpr=0&gdpr_consent=
Frame ID: 6CD299B199034D498ED2BB16D23D4825
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508936005087428824
Frame ID: 118BBA578C8CB950B0CF68273B625B6D
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 3A31D07B7ED89C7B790546E23BEC1DC9
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Frame ID: 997A895C6EEF54C7A3079E4944D136A2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Billionaire Utahn to give away 90% of his wealth

Page URL History Show full URLs

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkp... HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cdn\.cookielaw\.org
otSDKStub\.js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

Page Statistics

327
Requests

91 %
HTTPS

36 %
IPv6

62
Domains

106
Subdomains

81
IPs

11
Countries

4027 kB
Transfer

14658 kB
Size

54
Cookies

27 Outgoing links

These are links going to different origins than the main page.

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers
Title: Careers Search

Search URL Search Domain Scan URL

URL: https://www.facebook.com/dialog/share?app_id=765516083862087&display=popup&href=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&text=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth
Title: Tweet

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Pledger.aspx?id=430
Title: announced Tuesday

Search URL Search Domain Scan URL

URL: https://givingpledge.org/About.aspx
Title: The Giving Pledge

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/667/ef205c0e5ea14d77944cbd6904335118/66732693886c424bae2c712e6d31d0f2/66732693886c424bae2c712e6d31d0f2_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/389/ef205c0e5ea14d77944cbd6904335118/389998f37b984c81b78a541e910db5e4/389998f37b984c81b78a541e910db5e4_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/a32/ef205c0e5ea14d77944cbd6904335118/a326451dc5264add93453fff5b51a964/a326451dc5264add93453fff5b51a964_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/97b/ef205c0e5ea14d77944cbd6904335118/97b259a11d35413f9257cb1e8247cee2/97b259a11d35413f9257cb1e8247cee2_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/a05/ef205c0e5ea14d77944cbd6904335118/a05e1d7a014546e9a4d84e8309549a1b/a05e1d7a014546e9a4d84e8309549a1b_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://x-default-stgec.uplynk.com/ausw/slices/8a9/ef205c0e5ea14d77944cbd6904335118/8a91b0498fd34f98bb37572c8507be01/8a91b0498fd34f98bb37572c8507be01_e.mp4?traffic_source=Connatix
Title: Watch More

Search URL Search Domain Scan URL

URL: https://givingpledge.org/Home.aspx
Title: Hundreds of other billionaires

Search URL Search Domain Scan URL

URL: https://www.outbrain.com/what-is/default/en

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/12034998/82913422/6DTUZXVLJP2YQ4TGMQTBCEQKE2O6L4C57MROCG4HFVCPMELBZDWO7BC7TRKYFNPQBTN7B4CPBRDGLL7UM63V3XNAINQHLF2VTDOXVJUK5P3TMGBP3ROISUMKDODQOTXR5OOUMVLFARMHHXGCHGIIQMG5ITZAMTPUGVBUYPKTLM4KAZELFWRJKFAJPNYKMUG4CPOTVNE6KLGTMTJYO6PQSROYNDFNEM7OS4FJBEDJWT3IUJQ6S6MGADLLQHW35U6SXPFDSYTNJP4E5RGQGENYXJS33CZJVX5QSMB447NVJ4R6U3NKOY5UXENYXAO5NGLNOWO2RR5XRXQOTMZQOSFFNMEPULI2STPAVBPHMH5QEX5MZTYZ5X72WVAE3PJWNYCBU2NIDYLS6LTVTP4UQLLVJZPTUXJHKAM4GR63NN5YUEHJQ7MHF3YQSAPSTLJ25KCCWLJWTBERTFRIXKAOUZRMU4YHAPOBE53XH5Y2UWZ67YHNX6WYN2DS7EM757ESR3FFK57KVJHZRQ2NSO5EUWGZ5ENFIKSWVLPDUJX2YIKDCKGS4T2HMYGGWUSQO7TEZARS7STSKTICXIUELOJZRATIJ47OWW75EA2I67B6UQEL6PYKWHIBJZUMNUQNVRENAZX3YESQKABCBX77BMLSN4EQESJ7SFXR533U5AJO6EIQ2YSTIZXDXUHRGGV7BGL3RC43WE6IBFENCYLU6JSLARDU3KNCQ42XBFAGBHJKLXRVTRJG33HI7PNQ7HLZNO6HMXRFFTOO65HAHKHAOWFMDZCU3SCIQ2W246ONFOHA2LJN5ZOWZRMVUJ3Q/?obOrigUrl=true
Title: How pink hydrogen could add to the nuclear renaissance Paid Content: MHISpectra

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/37954294/115180472/63T5LGB2TGZMKBHWVRL4RH57HW5PFDQWYFOC6LCYHMBMMKH5UJCUFBQQ3QHDX4ISB5TOFW74BDMKSBSMAISZ5GUOSM7HERYGGORMFJFR5ULMI7LFQG5JMQ4KT7RFNYTX2QJUMH2AVKRAYRWVFRGJKOIWD6KHDYKVUIBXAOIYUAO2I6CYRUF3BOYHSJO2LH6NLUK2CMDHJLQTL3RGVZQBAJT2V3FYBYDJRKUTJ5UZHC6FCINLILOPDHXZK6UYTEOWL27IXRYJ3DCVN634XQMQTW46FOFIECWCN25265QH2RBBJII34KZNHOMR5QRAX4WJNJOI3U5JBGCAOLPMIEOCQMGIDLPAQ7QKFROG2QNX7AOBMZ42SH5JWCGZV7C6BZOQTZZDBEUGUZIZLH5R77JO5V7SHM5LUNUM5VPNOI6MMDCJ5FNB7DNRABBARQOVSB6L42G6YK4BLRUZG4ZUZEEFYXH5MHARTLQ3VWHI33DDYWZ74I4M7MEEQAKPT5B6SM7MGL3AC5Y4BCAOV7JX6EJJOUO6WX37DSDEX3FJG675QQL7SMSE4UEIP36HHRB5XYBNOPCAJMJPQ76XVMCCATUJQBAGEHWPJPBKA4FWQZT7XCLKYLJU4B4IHHLROI77G22FXATXFICIF5X4T44VAORRITPWSM6QJH76VKUTXQ4LO75475KNXQPBBPLMEZGMOCIA4CZCXGD7CFGDBMU3AOBWQI5WEQSHD4CNPVCARP5VI7M4S3EPTUZB7WHTUGDGFCXAYOSZTBT2W4WPFF3WEGPTAN7MKH2HVSOYY2NTVUE4ZDKRKKIZ3Z4LI6P3COREZL7B5DI5JK43O6N4UT5AHHHIQQ4EISIEFV74RPCMKGTAZL4EBFXIQCMDF4HJ7UECOUV4ZMODM7743RTSZX7HLHJVQK52MN63LQWILXSWRKU6WCYGXXTK27LFS3G3GA4C64NQADUTZ67WTJZYY/?obOrigUrl=true
Title: [Bilder] Das Auto, das Greta Thunberg besitzt, sagt alles Paid Content: I Am Famous

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/38451541/116095166/SJTAHVIC3LL7L2JKBCZHVVLDZXCLG7DWREZCQ23JN3N6IWTF6EEO6F3X2T66CGJXJ7672UEVYJNRZGLVTJX6DLNWT5XUEZ343AAUDRWRSQHH3MLQVRNUD6KPLBSGLQ7U36AOD2JACT7QXXS7PIGYMRJGZ7WC4HS6VCEN2YQWU3FWLX5CTREVIWVIDVKS3XTFTB2KE655V6RNZY3JOQKPJ2DP4XTB67D3TDC6DPEFZT6N3S2RIGRUJ55BICNYK63CFV4QEX565DL4MJZZEVG3NB72Y5SSHD7QVZHBGWHDUNINUTXBRHKNVTA4BH2NRSROLWSBGQG4LHDA2Y27Z74O4JFIWX5FS7TMSJIA3OCXZHGKBNXC7YVVKEDSUZ3BZ25OVWIAAKO5KI5CCP2T73QA36F5MD2OCXOFVIKPT4S4JWGNGW6Q3Q256J3MHV4HXCYJW7QQPULZMHC2CVDXIYN4DZRYEQ67SMSSE4DSXODUZCXA277F3VGI4KAXLPXG4H3EG2HW4F45IEVDC4KP4FAKKLYEWHAATG2AZNZMERSNOBAS442QMBLWHAO56NZ4EZIZHFUXJCOBEHNRN7FEKQV5UCV4AOQ66PVN2AJIVGSR6ALXWCMJN5ZYVLWHKP2VN2CM2PFRVBDWXPTYJPKTGXWZZOETIS6ABLVMALLOYDGN3SIPEKW3BN27DZT4DOTVQF45DCZS3PTIG6QITADDZDYDJGZFPNKBUV2KX3U64MCV2S4VJVLTDVAU56BN55G4S7VS5DS4HTWWNE73TJGTXDFWUQQWTPRU772WT4XSBGWDEGCJV7UVDNX2FRVZEQLSFJNQVE3NJGHYJVUSIDDCTNGWA2Q5DEHMECCKAF4ORMS7XX2MXK63BFYVJXARDDYNTPYLI2IEHGAOUJOZ343Q77WLGUTNHKMTORPWTBEAVKUGXNXUDJYN5MJU4DAWOHO4QE5E3PGQKQ7XOWDMNCAVOFCQOK7GHFNINCH2Z7VFY5A/?obOrigUrl=true
Title: [Fotos] Joshua Kimmichs Auto ist wahrscheinlich das teuerste der Welt Paid Content: Authors Pick

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/36874020/113246085/O5MITDCLGYNUQ3WVQ2X47OKFXWEKWYYE56K5PQBAAVDYT55LDUPBPXVPGJDTUVY43UZTN2KODOQDSHVRZD6DXT6TILDRVZNCYCCGPW6QADUDIVLFGC3YIDFQENC7ZIJ3XTXORJO6VYSL4NKBVDXQFR446OCZ457JQEFE6STG2OKOYKPG7O2VHOV3LQB2OWG6MA5L6QHXTTHAVHM4WDU2OR7TYQJ3R6T4NEP7MDNKHXI3T5UO3BX522EXL3LUJNRTU364DTZ4UVUS36UKWH3OKPZ45TI6DQS4SGIBZZ2S2V3K3CLBMGA5Y3EO5RJDFKQBBZYDI4ZYRGLIEKWNBEC3SZWX6V3OVQFZ2JRUIJDAD4KHPMLJKJJ2UWNKK53MBBC55D4ACFJOTQREFD4XOKDQJUBWHBH4IFYBQA5TX3L3MVNQA6ALVH35MIRHHKLEXWWJ2GMJUFTJXN6MPDHZETTDZHJ5A7RYSP37USPVVUAC2QI5WMOV5FQWUQZZTJN7Q7RSWUQD23QMJVCRNFKMFZBHD6I3MBGC4PS3B3SB4EVUPNMELPWTC54IXL53G7OGA6MT7LGP55BLHUMW3VFGBNSW2EBOLNOSBQ3POYP4J6XGVF2BUS2DETTCGHXHPCEENFYXJQWU2FNV6RVSSSNVDK7PYUTIUGMIQZSIBDQTTP367546Y6E6FATLCILYNNXXTHL4AEUBLHITHMOPCADOG4Z2FNCZKNAORNQ6XCXRYN6DFQMM2BFBWPB53MMASGBCM4J3VBPIM7MHA3UHQ3A2PXR262DQDRYGGVZIHY2O2EEH5JDFGKLHNU6L7HVWSPNBS4ZC53D7FMQWHSUFBD5R5NTULYD5ZP3ZJTNASJTV7QQ6HBTCLYWLJWX4FX5P6TVSQDIYYZICPSFEHWDOF5DUUYHKZGZE6MTVM3G3ZBVKJ36GEFNAEKRGZCTCIEOA4TWITM5FSMIX62F7YEU7FH2PGX3FZMPCXU/?obOrigUrl=true
Title: [Fotos] Sarah Connors Sohn ist erwachsen und sieht aus wie seine berühmte Mutter Paid Content: paperela

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/29938118/96666602/BK4BOMJFTYR3Y6HNJHUBJKDNXGOJAIB72JUIUYZJ33GZM24IUSGK5NUWP2LNVKQDQ6MIBCB4ITMQLJJAEH3VW6GVCRHJRJDOLEGIZ4EHH3G4H5T4ER7C753ISFORKUIM53I6ZT6T3PV2QOX4B7FZZSFJIIRKQ2NB67GLC4HBWDK4B3BUVOBBKYBXGVMZWLMOKFQWWRFTRINC5C6ZRYZ7HW3M23SPYF7AUST2RGHOK5HITKMOIDTE4ZSNODOW7PD5EM5USF2ORHGEH3RCJ2R3RWRN4FIPV3TTXLMYN7NPQ7VPY37BX6GRCX42IN53Z46CRKNXXH4JOCD3LHHJBRTSWRDSYM6XL66YWEZ3QUC2ORRSOCRRE46THCVEX5QNOM2GVDKJY36GASF4SZIJIVN2CWCILEJF77V4W5RGKWAZOBPM5CU6ZJXSDNDT5ZZF6NVXLV3DWBRSMQD5YYYF73CZXQX27HMG42TZJHUHR2CE5CY6YB3HOOEMXILOSRYR2JVBN4D4FFBYPK3JQJGYMA2BQBNLXV2NOVVRK53QB55YYZ5U7CM5GP6NMFM2YIOJJ37Z3BVPJ3ZNMQTJWWHW5AKEJVA6TK4CX2NIFPMF4QHWVKKXBW6TJDCCWYNF6DV7XZPMLGGKY45SYRBHYDXQ4Q7OIA6T32Y6W5PVM3AOLFGQI5TPGP27E6KPJ3TDLUHHLERWSAT3Z6EBKEW36L2AA4JEGCWVLFIDFHRUPRLI4OMJUHEBBLWDTG6EUBCZLRURCVSYMK5BJEQYVWOM3RVZEA46FRWMJMSXFBMPN2IZ64JYJCN4A6KN5FMKSRIQP7EXGWWXRUUZESQ4VMJTWYFVYB3EL3SUPY4JHTYMC4INTYEHRS5Q67G7QLRKRQEZ6PIGDZ62BHAPA5V7CXGTM/?obOrigUrl=true
Title: [Fotos] 15 Promis, die homosexuell sind, was du wahrscheinlich nicht wusstest Paid Content: wordsa

Search URL Search Domain Scan URL

URL: https://r1-usc1.zemanta.com/rp2/b1_outbrainrtb/37954328/115177202/MF4OQJPFO4UVE2LTFLA5GDAZBGZ2SPF4UKOVCEP23X4ZRP5XL5THDIXMRHXFNC4RDDK4QKIKYGQ6DPHXXB2TKMLYUQOOR4MYJALUUQCL6LR73LREBX5G5KXU36VATMI2L5IFIAGENP4HUOEICYQPIXDU22NIZOIPG7JSKRU2DJAEEQHH7JXWNYJ6V6GWNFZJGDMG4PRULSKHWQEF5ATT4PELY3DJZC63V5L64U2PGDD4ZK3LZVEZJEV4LXVBMICQNV7PPQZ75E7FDHTMPBFXZ4HRUWYZ2BM3EOZLHBVXFSEGM6EYQ3BFE4DOWZ6QBLDL5GRLK67H6772JRD5WFYUOUYCCCJ7MBINLVYLSGMQ6UOATM7ECZSAO5Y2LOJ52ODGKBSYWQL5ZOIABACNZJIEJUA35YS75I2WP2O3UWUXF3AHWSPNXKRX2ADDSPW6S7HQJJGZKVY4RNG6AKNPSUSLUXHB2Z2YTKXU2VYKJPHE6LHQODK7EJPMW3R2HUE4JCHXNKQNSX7KANCICD76T7JWRY5HJWO5E77UDBXVULHNWYCNAOAUXXGTA3ZTT3HGBHZ5KTTLT6IY5UFRHNCJZY52FDPB4YCG4POKZBBSC3DJYSBOLQPHK5HQFIZIJ2KMQZ5AR3GAES745N557CEC2MG7IFSY2H5A5RK54RRJGKE7N3MNXOHWEBIVCRJJL4QWTZPSUJB3BSZQLRMU54SMRMUGD3VQ2ZXHMMR5K2Y73TGPP3SZ3RSWNK6HVQCRHAIGTGLGB4EM3TKXEY5SMO3F75UYK36Q4EP4JJ2RROWNVJ5WOKFT6YQVAAAGH67O6WOZRJQ7QO7DCLNEVMIWIS4LBE7VIQIF33IVU5WRMOV7K472LS3IKYT4I2ZVK3UCKWZBQMWVCBQEVABC2JRTZC4VVFVETNMRA4SXZFG3OTXTJQVIGPJDDPI2D2Z2S4Z5QYS2O6SMVOPNDSWQRCSCG/?obOrigUrl=true
Title: [Fotos] Ein Blick in Gerhard Schröders Villa, in der er mit seiner Liebe lebt Paid Content: Paperela

Search URL Search Domain Scan URL

URL: https://www.clicktraceclick.com/68187655-3b6a-4666-9d4d-ddb587c2a73d?sectionid=$section_id$&sectionname=$section_name$&publisherid=$publisher_id$&publishername=$publisher_name$&adtitle=Dieser+Trick+beschleunigt+tats%C3%A4chlich+Ihren+Windows-PC.+%28Jetzt%29&OutbrainClickId=$ob_click_id$&obOrigUrl=true
Title: Dieser Trick beschleunigt tatsächlich Ihren Windows-PC. (Jetzt) Paid Content: Sicherheitstechnische Tipps

Search URL Search Domain Scan URL

URL: https://support.fox13now.com/
Title: Support

Search URL Search Domain Scan URL

URL: https://publicfiles.fcc.gov/tv-profile/KSTU
Title: FCC Public Files

Search URL Search Domain Scan URL

URL: https://scripps.wd5.myworkdayjobs.com/Scripps_Careers/3/refreshFacet/318c8bb6f553100021d223d9780d30be
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fox13newsutah
Title: fox13newsutah

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fox13now/
Title: fox13now

Search URL Search Domain Scan URL

URL: https://twitter.com/fox13
Title: fox13

Search URL Search Domain Scan URL

URL: https://scripps.com/our-brands/local-media/
Title: Scripps Local Media

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D-3DeI6q_LWlKycWVb2IrizlGw-2BKt9buqWIanuzfZqnxU24E6bx-2BbvtnG3a0qcb4Uhg6LAmFDHodJeaQy94yhEqrFDKI0OjoRB-2BXWKakmDbHGNECqoeq7kqF5xcHRY6BdUc-2FQg6iFynB-2F2LUvACzpFDmTIaFi7G5rla6PWJDEavG83dl2OgjqMWpRDFnYeXHu48oSY10EimaMbKgd4QGpT-2Fvo3nEtmHEi3yzXhYs6O3j9QIR4HfQ-3D HTTP 302
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/233833/connatix.playspace.dc.js?tier=1

Request Chain 42

https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true HTTP 302
https://btloader.com/tag?o=5107371200741376&upapi=true

Request Chain 226

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid= HTTP 302
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1

Request Chain 235

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 239

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-lSDFiP3dEuo4P3x6WmgwAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJAoQfbxjiwek5QuVVxx8m8&google_cver=1&gdpr=1

Request Chain 240

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB&dcc=t

Request Chain 241

https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3767069437138362932

Request Chain 244

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421266724324

Request Chain 247

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 271

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 289

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a

Request Chain 290

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd

Request Chain 292

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D

Request Chain 293

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545

Request Chain 294

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699

Request Chain 298

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd

Request Chain 301

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447

Request Chain 304

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a

Request Chain 305

https://c1.adform.net/serving/cookie/match?party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=

Request Chain 306

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b74063f9-5211-4000-9586-efffbc006724&gdpr=0&gdpr_consent=

Request Chain 307

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508936005087428824

Request Chain 309

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LmdLfeSYSa6ziK06FKRLuA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 310

https://pixel.onaudience.com/?partner=214&mapped=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 311

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&addseg=19,36,42

Request Chain 312

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkU2NzRCN0QtRTQ5OC00OUFFLUIzODgtQUQzQTE0QTQ0QkI4&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 313

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHPCxdCOf2f8kNyV2Gp5WMg&google_cver=1

Request Chain 316

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3600262732993799600

Request Chain 318

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OZuuUalE2uVi1oT__4t73QicLGGZd9g-~A&gdpr=0

Request Chain 319

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183

Request Chain 322

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699

Request Chain 325

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183

Request Chain 326

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447

Request Chain 327

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545

327 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request billionaire-utahn-to-give-away-90-of-his-wealth Show response
www.fox13now.com/news/local-news/
Redirect Chain

http://click.oi.com.br/ls/click?upn=5zCDL-2BIpvU4z1elswBBmmTinI5M7jgVe7J8tz5U5f57bXY9Cj4YlOizeuxQkpfcCk-2B7bL-2BOloBfXo1MxwMWa8iId5itQTFAUwr5UtydgB7pjm8hKRtG6aNEUBq9OSdvT8qp0iIzkXGjCFF-2FlazIeoA-3D...
https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

246 KB
67 KB

336ms
217ms

Document
text/html

13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

36cd49b49d18675d396afa9bb80b3cba18e78b7e02cde35fa1d336808c5382a3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=240
Connection: keep-alive
Content-Encoding: gzip
Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Content-Type: text/html;charset=UTF-8
Date: Sat, 25 Feb 2023 00:10:49 GMT
Server: N/A
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Transfer-Encoding: chunked
Vary: Accept-Encoding
Via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
X-Amz-Cf-Id: LkbpMavnTSuhHstZADrkw6L2Btuuvd6OPQTQilEt1akVvsnDpb85Tw==
X-Amz-Cf-Pop: FRA60-P3
X-Cache: Miss from cloudfront
X-Content-Type-Options: nosniff
X-Powered-By: Brightspot

Redirect headers

Connection: keep-alive
Content-Length: 111
Content-Type: text/html; charset=utf-8
Date: Sat, 25 Feb 2023 00:10:49 GMT
Location: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Server: nginx
X-Robots-Tag: noindex, nofollow

GET
H/1.1 200
OK All.min.75b0fb919a43a07644d81762f3cf113e.gz.css
ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/ 114 KB
21 KB 119ms
7ms Stylesheet
text/css 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.75b0fb919a43a07644d81762f3cf113e.gz.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4a31fde39ebdd4cd2b803f33f8512361945b6b78d0fe3ae542f539ce82787bb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 15:42:13 GMT
Content-Encoding: gzip
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Feb 2023 15:42:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 289717
ETag: "8276755257d0f6fad2a9574aa8840400"
X-Cache: Hit from cloudfront
Content-Type: text/css
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 21271
X-Amz-Cf-Id: dKJgHTXGNbnmqrDatGXp7kTTXoE6YpnyHVv2xKh9A0IIZZzCzXcFWA==

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ 94 KB
25 KB 52ms
7ms Script
application/javascript 2600:9000:223e:c000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 89c9e80ecd6f37be835fe762db514ef63023190e1905645372c551b8c2201c89

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 2YmoUKxvEerAgqYu5_hCgTSn3.Rs3vac
content-encoding: gzip
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 23:16:26 GMT
last-modified: Thu, 03 Nov 2022 13:16:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 3284
etag: W/"e4a531bd392e3e19506b373bc5c8c363"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600, public
x-amz-cf-id: vcf3KeTcZiAF_Y_nVbfDprclPt94qdsx_jmu_o22wiguida5ZneUzw==

GET
H2 200 otSDKStub.js Show response
cdn.cookielaw.org/scripttemplates/ 24 KB
8 KB 54ms
21ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 25 Feb 2023 00:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
content-md5: WdCEPqU1pnnoNr/cT9hHyQ==
age: 75940
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 8053
x-ms-lease-status: unlocked
last-modified: Wed, 22 Feb 2023 03:39:37 GMT
server: cloudflare
etag: 0x8DB14866C1DA9DB
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 0ce8f4b9-f01e-00c0-5533-4752a2000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
accept-ranges: bytes
cf-ray: 79ec385b995b92bd-FRA

GET
H2 200 otCCPAiab.js Show response
cdn.cookielaw.org/opt-out/ 22 KB
6 KB 55ms
22ms Script
application/javascript 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Sat, 25 Feb 2023 00:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
content-md5: ERttG9+iQk1LCPjR495NRw==
age: 79897
x-ms-lease-status: unlocked
last-modified: Tue, 22 Feb 2022 22:01:18 GMT
server: cloudflare
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ff08643f-901e-0035-0346-2876b3000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79ec385b995c92bd-FRA

GET
H2 200 tsu4adm.css
use.typekit.net/ 21 KB
2 KB 67ms
8ms Stylesheet
text/css 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/tsu4adm.css

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Sat, 25 Feb 2023 00:10:49 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1740

GET
H2 200 all.css
use.fontawesome.com/releases/v5.1.0/css/ 45 KB
10 KB 45ms
13ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: KKMD5G17E4DHX1D0
age: 1472817
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: NL4oArNA3zwNUGVhv7yhP6xuiEhGpwA4dA24c3jJhzVN5zm6DJYbjdLrryXfwZ449MKRSfNHU9E=
last-modified: Wed, 30 Jun 2021 15:30:31 GMT
server: cloudflare
etag: W/"826c57385f3d35cfed5478ba7b1f5c03"
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qFmLbyBmFKLbgjK1jWQpjUtcmHoqh9S0R0CXCB3h2gmOkef7gHrbDSSLFFYAm5wRtOtix8Vz0%2Flkb73QWxB3F%2BnV33hn22piZyngdDJmzmjZYUxI%2FlF2B7V2CrQMFGgJaIKsn1RqlQmKilQ3tGapqoEs"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 79ec385b9bc49213-FRA

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/aa09ace/2147483647/strip/true/crop/340x133+0+0/resize/340x133!/quality/90/ 12 KB
13 KB 38ms
11ms Image
image/png 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/aa09ace/2147483647/strip/true/crop/340x133+0+0/resize/340x133!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F24%2Fa4%2F8e8db4e3481aa736296f1eda4ee7%2Fmain-logo.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 44f39cf7728c58ba7a80910914f6da3d5c4698e0371c5eac8a1164b78ce730b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 10 Jan 2023 01:38:49 GMT
Via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 3969120
ETag: 243f55f9732e45bd711289d7d2922a1b
X-Cache: Hit from cloudfront
Content-Type: image/png
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 12600
X-Amz-Cf-Id: rL_rWSULEcH5uw9QM6yt76gWxrsNJc8Uuh3gbLuHTS2YF22YEyuyTQ==
Expires: Wed, 10 Jan 2024 01:38:49 GMT

GET
H/1.1 200
OK Blank.gif
www.fox13now.com/styleguide/assets/ 57 B
461 B 8ms
7ms Image
image/gif 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.fox13now.com/styleguide/assets/Blank.gif
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-93.fra60.r.cloudfront.net
Software: N/A /
Resource Hash: e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Wed, 24 Aug 2022 00:17:08 GMT
Via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
Server: N/A
X-Amz-Cf-Pop: FRA60-P3
Age: 15983621
X-Cache: Hit from cloudfront
Content-Type: image/gif;charset=UTF-8
Cache-Control: public, max-age=31536000
Connection: keep-alive
Content-Length: 57
X-Amz-Cf-Id: 8PxvH5SkWvrvpFD8EA20QjfqAyGvBmx7h1wHcfzHl1WT4bxWYBa6Uw==

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/ 81 KB
82 KB 291ms
291ms Image
image/webp 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/43aedef/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:49 GMT
Via: 1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
ETag: 8f84e9a0fd2eafda378223eeca331a51
X-Cache: Miss from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 83212
X-Amz-Cf-Id: H0waDx5pOzD5oEEvu_EnFwkFiqv4aYR6C18thN-xWzIQ5379xJS-wg==
Expires: Sun, 25 Feb 2024 00:10:49 GMT

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/ 16 KB
17 KB 12ms
11ms Image
image/jpeg 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/cabd33d/2147483647/strip/true/crop/720x720+280+0/resize/300x300!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2Ff9%2Fc8%2Fbe6d1e8f4eb2a9ab227d4653983e%2Fjeff-tavss-headshot.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Mon, 23 Jan 2023 09:13:13 GMT
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 2818656
ETag: 432c028acf64b6afb081594ce3fc408d
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 16702
X-Amz-Cf-Id: H54WgcNSUnTONoFnF8ctz9raslGrXvZkbMZODwawKJXzfZeLbFuJhg==
Expires: Tue, 23 Jan 2024 09:13:13 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 196 KB
71 KB 148ms
26ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bdc98241e6678e30358cea21ee478e7b3dad4be0291091a16961ba15ceb91217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2023 11:49:44 GMT
etag: "23-p1HhavKaSucBbGkz48dQeQbU3Ps"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14500
access-control-allow-credentials: false
x-traceid: ff406b78e55ba8a28b503d44f4a1c6c3
timing-allow-origin: *, *
content-length: 71760
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/ 14 KB
15 KB 25ms
12ms Image
image/webp 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/f6058f7/2147483647/strip/true/crop/480x360+0+0/resize/480x360!/format/webp/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F0b%2F0c%2F0184c2f44e4783b067c6ee93fcc0%2Ffox13webad.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: 7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 20 Jan 2023 02:24:11 GMT
Via: 1.1 46546eb404789d29bf372f6a3fe43876.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
Age: 3102398
ETag: fb0cc7192b8850a1be784ebef7161f2e
X-Cache: Hit from cloudfront
Content-Type: image/webp
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 14718
X-Amz-Cf-Id: OkrMlwcdjGJMltw2A5DY2u8gklWBjgzctl0fyG2yL_LQN056HWXqFw==
Expires: Sat, 20 Jan 2024 02:24:11 GMT

GET
H/1.1 200
OK logo-scripps.png
assets.scrippsdigital.com/cms/images/ 3 KB
4 KB 153ms
7ms Image
image/png 18.66.122.56
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.scrippsdigital.com/cms/images/logo-scripps.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.122.56 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-56.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: 8lNexGmb6tKD4SPVOeXslwnzBtFWYJoV
Date: Fri, 24 Feb 2023 03:55:47 GMT
Via: 1.1 b3bfeb8eb7405a05775de8861a4d117c.cloudfront.net (CloudFront)
Last-Modified: Mon, 23 Oct 2017 14:04:11 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA60-P2
Age: 72903
ETag: "f46791d665054bf21da09492d448e1d2"
X-Cache: Hit from cloudfront
Content-Type: image/png
x-amz-replication-status: COMPLETED
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3532
X-Amz-Cf-Id: BVRIvXI1ga5JwJ80hOcpsONwbzaP3krS7H7EpliJ2ADUEjoxOsOjdA==

GET
H/1.1 200
OK All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js Show response
ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/ 439 KB
103 KB 27ms
9ms Script
text/javascript 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5885f27080593c5739bbc91069cb575aaae5a633398313c16521f2f35c6d77c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Tue, 21 Feb 2023 15:42:13 GMT
Content-Encoding: gzip
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Last-Modified: Tue, 21 Feb 2023 15:42:12 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA56-C1
Age: 289717
ETag: "d4fd9fbd6ced7e3e7838c6e7504ca8b0"
X-Cache: Hit from cloudfront
Content-Type: text/javascript
Cache-Control: public, max-age=31536000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 104882
X-Amz-Cf-Id: dMCVv_f6Gz0-j5y6fZhXO43B_He2sqoZuI_DlmZyD0Gkcszi-SjlAg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 150 KB
48 KB 139ms
55ms Script
application/javascript 2a00:1450:4001:831::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

fed003773723ba3dfc4e75ab722e39b2ea22b8757418fc66cd5e3afc08d492af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 49074
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 25 Feb 2023 00:10:49 GMT

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/client/impression/ 0
542 B 176ms
128ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/client/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=903377
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IwWwqUMTlP0AN60Z%2BEOyotBSKyzwMxVJMWea%2BVbh1bRG8vl5smem6Mpovi1VrT090OEdlGOcJhIGvMg2enDt8RfJdpMjh%2FpG9htNWJCssGL5M5qMXBc4c6zGPH1I9uK%2BM30hhkvDNMKdUUSLmYn4XA0m3A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 79ec385d29cdbb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: F0boxlnhYPFP-tQFq4sB

GET
H2 404 000000.json Show response
cdn.cookielaw.org/consent/000000/ 215 B
576 B 51ms
37ms XHR
application/xml 2606:4700::6813:bc61
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.cookielaw.org/consent/000000/000000.json

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:bc61 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ed64e10f773861c3b4a3671ed71c3a93c3aa77afc67df68c3b9eed6a3876717

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
content-type: application/xml
access-control-allow-origin: *
x-ms-request-id: 24f2049c-101e-0146-4eac-484025000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=86400
x-ms-version: 2009-09-19
cf-ray: 79ec385c5a309073-FRA
expires: Sun, 26 Feb 2023 00:10:49 GMT

GET
H2 200 dnsfeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 75 B
252 B 61ms
24ms Script
text/javascript 2606:4700:4400::6812:2b9e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/dnsfeed

Requested by

Host: cdn.cookielaw.org
URL: https://cdn.cookielaw.org/opt-out/otCCPAiab.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:2b9e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 79ec385d1f3936de-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 193 KB
47 KB 65ms
8ms Script
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:06:01 GMT
content-encoding: gzip
via: 1.1 cb0a9b0d01a1b0cc9278d9875ce23c92.cloudfront.net (CloudFront), 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
last-modified: Wed, 22 Feb 2023 21:38:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-P3
age: 289
x-amz-server-side-encryption: AES256
etag: W/"0d9f2b192f61b596888847da998647d3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: yMOoH8TYQDvGpC3AArZF6XYbBlbhNh7ErOhWZ8VtWwWdgktFaE95_g==

GET
H2 200 clientag.js Show response
warp.media.net/js/tags/ 463 KB
145 KB 78ms
38ms Script
text/javascript 23.35.228.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.35.228.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-35-228-23.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e93eb3b104d528ed24faede2f8d79a65eb9b9c85366ae010c146b1db39d51607

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=604800
content-encoding: gzip
date: Sat, 25 Feb 2023 00:10:49 GMT
server: Apache
etag: 3761406462436095424
vary: Accept-Encoding
x-mnet-h: E
content-type: text/javascript; charset=utf-8
cache-control: max-age=1800
expires: Sat, 25 Feb 2023 00:40:49 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
195 B 85ms
7ms Stylesheet
text/css 2a02:26f0:3500:16::215:1495
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=tsu4adm&ht=tk&f=137.138.139.140.169.170.171.172.175.176.141.142.143.144.147.148.151.152.153.154.155.156.157.160.161.162.165.166.167.168&a=15199297&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:1495 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

unused62: 8096267
date: Sat, 25 Feb 2023 00:10:49 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 40ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

46a87306a983909ac9dd23e2a2c6fbb8c074fe248e29bdcf14edfc53305ed6fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Feb 2023 00:10:49 GMT
content-md5: mA2petpYYlzxBD/Efouq7A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1690
x-fb-rlafr: 0
x-fb-debug: LawHDRrzICOqCz3jOsncfmzFUNwRvG+fj34mARjo8dQ5KvYCw+wibHxxQZmSTCDPq2GG+oG2Ij2lkWjNFa+Cmw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
x-fb-content-md5: 77c54fd5fb16ae39326c04c59f428eb7
cross-origin-opener-policy: same-origin-allow-popups
etag: "816a79801aeb36ddecbb5a042a6e9c89"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 25 Feb 2023 00:12:14 GMT

GET
H2 200 ua-sdk.min.js Show response
aswpsdkus.com/notify/v1/ 229 KB
42 KB 52ms
14ms Script
application/javascript 34.160.158.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://aswpsdkus.com/notify/v1/ua-sdk.min.js
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.160.158.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.158.160.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e835935305be6950382340969d92b7c46f7b87048eca4c9f537c335a42293e9b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:06:27 GMT
content-encoding: gzip
age: 262
x-guploader-uploadid: ADPycds0z4LHwFRU96xEe2sXTYT99AjpV8Xgzb2mRvN0FKYAMOpGqrp1JXB2pQIXOCgJMW_fBzZq9kUPDRYdG6OAvQdxFwcnMsg3
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42942
last-modified: Tue, 10 Jan 2023 17:22:34 GMT
server: UploadServer
etag: "1cda07a2bbc55dcaf684954e7d897c40"
x-goog-generation: 1673371354401478
x-goog-hash: crc32c=CzJWog==, md5=HNoHorvFXcr2hJVOfYl8QA==
content-type: application/javascript
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 42942
accept-ranges: bytes
expires: Sat, 25 Feb 2023 00:11:27 GMT

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 58 KB
59 KB 15ms
13ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: S9KRTYTZC3022FR3
age: 759634
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 59572
x-amz-id-2: JrV4CcvxjutCEdKFo0vO7O/0Td7g2+zrhBUbTgX0NMr+M0NeKGq4QlrCHZ1/bih/P8XzuCAPx9Uh6kWSYF+rBg==
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "18d2347ab2a9f40ca2247cdb03303d84"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EXEw5NwNeWPvvWkWrBYWlkC0vpeaBEaGT8KFjM1mWtabGpwlkFdy%2BqH4aQzHB%2FBdwgJ%2F3yntXpV%2Byo4tTdb7byoCvICTRTflwgvQKoBNYjLiC0sa3TRna%2FvDR%2BidKN%2Ffxc959ZUFfQaR2eSGsladhS2%2B"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79ec385cfc669213-FRA

GET
H2 200 l
use.typekit.net/af/8738d8/00000000000000007735e611/30/ 16 KB
17 KB 34ms
6ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/8738d8/00000000000000007735e611/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n8&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
server: nginx
etag: "a5565f97e4389f39e94f7880b2c8088023e4d88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16880

GET
H2 200 l
use.typekit.net/af/efe4a5/00000000000000007735e609/30/ 16 KB
16 KB 34ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/efe4a5/00000000000000007735e609/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
server: nginx
etag: "ef52ad3657e4d4a42c21db6c00d5c7ccc649bc94"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16560

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.1.0/webfonts/ 62 KB
63 KB 22ms
22ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.1.0/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1

Request headers

Referer: https://use.fontawesome.com/releases/v5.1.0/css/all.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 4SBYJBS7BT5GS1TA
age: 13
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63376
x-amz-id-2: ypxlp4baJ0AmUP+Y7Tw7kP38xczgx7lNMJZzeHWbS21lvgUoc20tHQQH1evGEGU1F8gj4/cxZ7g=
last-modified: Wed, 30 Jun 2021 15:30:49 GMT
server: cloudflare
etag: "f319eac1c755f9929fd856720ce1695e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oNFrQPk%2BbLzVIQyxIp5a4EtO0YQgzxlXfx5W2VYweIq8aGXn4UQAsvBguhldCA%2FHV24gkgL40S0kTj%2BeqdzqOPHphfKc2WIZjUycCCRuBG%2FmXfO1Vd5cbrMnjQNTjTpZoE9hroyRkcSJtFPs4R0JY4UY"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 79ec385d682bbb8b-FRA

GET
H2 200 l
use.typekit.net/af/3322cc/00000000000000007735e616/30/ 17 KB
17 KB 9ms
8ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3322cc/00000000000000007735e616/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
server: nginx
etag: "71f986ad2b4d0b6a0e5a056380e0c8c577137ae8"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17212

GET
H2 200 l
use.typekit.net/af/2555e1/00000000000000007735e603/30/ 16 KB
17 KB 10ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:14a0
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/2555e1/00000000000000007735e603/30/l?primer=7fa3915bdafdf03041871920a205bef951d72bf64dd4c4460fb992e3ecc3a862&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/tsu4adm.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:14a0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e

Request headers

Referer: https://use.typekit.net/tsu4adm.css
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:49 GMT
server: nginx
etag: "96c7595dad6bb306bf9cc4c7a3b3d28654c7d636"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 16832

GET
H2 200 p.js Show response
cdn.parsely.com/keys/fox13now.com/ 66 KB
23 KB 273ms
237ms Script
application/javascript 65.9.61.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/fox13now.com/p.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.61.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-61-60.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: public
date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: gzip
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 19:24:27 GMT
server: nginx
x-amz-cf-pop: FRA56-C1
etag: W/"603404eb-10711"
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: zRPMKyf8wNTx1jwNoYCOExR8wZ_xGzWUs5QAirs9ba9labjgcJbfAg==
expires: Sun, 26 Feb 2023 00:10:50 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/233833/ Frame 3A0B
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/233833/connatix.playspace.dc.js?tier=1

1 MB
268 KB

82ms
7ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/233833/connatix.playspace.dc.js?tier=1
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a360211799721abb9900beceede6dbbea3b0c5ea3da2181163929afcd16a3ab0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
last-modified: Fri, 24 Feb 2023 14:53:08 GMT
age: 32762
etag: "6b7a1271a982aaa008ae766b42d45d55"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 273867

Redirect headers

date: Sat, 25 Feb 2023 00:10:50 GMT
cf-cache-status: DYNAMIC
server: cloudflare
surrogate-control: no-cache, no-store, must-revalidate, max-age=0
vary: Accept-Encoding
location: https://cds.connatix.com/p/233833/connatix.playspace.dc.js?tier=1
cache-control: no-cache, no-store, must-revalidate, max-age=0
cf-ray: 79ec385e491568f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK /
ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/ 124 KB
125 KB 143ms
143ms Image
image/jpeg 65.9.66.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ewscripps.brightspotcdn.com/dims4/default/02cc935/2147483647/strip/true/crop/1280x720+0+0/resize/1280x720!/quality/90/?url=http%3A%2F%2Fewscripps-brightspot.s3.amazonaws.com%2F4e%2F44%2F8b76c25f473093b130f7f52df25a%2Fjeff-t.%20Green.jpg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-23.fra56.r.cloudfront.net
Software: Apache /
Resource Hash: bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:49 GMT
Via: 1.1 f58d1aa3b3b084adbea41c7523e2047e.cloudfront.net (CloudFront)
Server: Apache
X-Amz-Cf-Pop: FRA56-C1
ETag: 8abdd9b88cc8d2da8c2022d32c3e8063
X-Cache: Miss from cloudfront
Content-Type: image/jpeg
Edge-Control: downstream-ttl=31536000
Cache-Control: max-age=31536000, public
Connection: keep-alive
X-Robots-Tag: nofollow
Content-Length: 127179
X-Amz-Cf-Id: FBoSbjnZlOGpsP_PG4P8NszZEYbq37MkwJW3xCQrOdf7aYcGIZHAsQ==
Expires: Sun, 25 Feb 2024 00:10:49 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 301 KB
85 KB 18ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=53a4f711083246951477058d8f147657

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61fc845af19015ad342381666a72c1dfdb3203898ee3909ca83edb3354b44f2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.fox13now.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 25 Feb 2023 00:10:49 GMT
content-md5: L1N7GqNG2aO3TJeP6uaSAw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87016
x-fb-rlafr: 0
x-fb-debug: 4CWY6ePj0euyWJ2ZscXYK6f1nRm2lN0oZhrjX1LJY670m722p/Bba4psVScE7IkFn/CKUQEd2wWAk0EwNpTwWQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 6b5421f1fe6d63d7e03a8a97f7262a84
cross-origin-opener-policy: same-origin-allow-popups
etag: "207be0472d702edaaff146979143e382"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Sat, 24 Feb 2024 20:47:11 GMT

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 563 B
920 B 9ms
8ms XHR
application/json 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3295&u=https%3A%2F%2Fwww.fox13now.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: Server /
Resource Hash: d50cc29cdb5193f9c74cd85af53aeeae41d67aeedc5a0229b623d18c3f665ef4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 21:35:03 GMT
via: 1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-P3
age: 9346
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 563
x-amz-cf-id: iNNGHmQHQtehrWj0mGrsOVQwf1o0guLeLVnx7ic8wfABzeHgFlwTlA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 24ms
7ms XHR
application/javascript 52.222.209.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.209.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-209-55.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: pfXD8LfbTWwWYbVa8nASYbe6_QUldhGN
content-encoding: gzip
via: 1.1 bfad099b4e1fa2ec7d21876e0293dc20.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 04:25:03 GMT
x-amz-cf-pop: FRA56-P3
age: 71147
x-cache: Hit from cloudfront
last-modified: Wed, 15 Feb 2023 23:43:01 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: RU2h6MhUMzhv2sGZijdUWCES-5Xw4roK1vuix8BN41c4_w_dDaYJIg==

GET
H2 200 checksync.php Show response
hbx.media.net/ Frame EAB0 22 KB
8 KB 113ms
33ms Document
text/html 23.203.124.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://hbx.media.net/checksync.php?cid=8CU2N1270&cs=16&cv=37&hb=1&vsSync=1&refUrl=&gdpr=1&gdprconsent=0&usp_status=0&usp_consent=0&coppa=1

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.203.124.21 Vienna, Austria, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-203-124-21.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

58e22316f7732bc53e76e01ebacb75647d698faf70187aa79910abf1296bd687

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400 ; includeSubDomains max-age=604800

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=172800
content-encoding: gzip
content-length: 8020
content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 00:10:50 GMT
expires: Mon, 27 Feb 2023 00:10:50 GMT
server: Apache
strict-transport-security: max-age=86400 ; includeSubDomains max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E

OPTIONS
H2 200 /
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ Frame 0
0 182ms
102ms Preflight
application/json 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-75.fra56.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization
Access-Control-Request-Method: GET
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-apigw-id: A3nBoH14IAMFpmQ=
x-amz-cf-id: 0Bdznimb6tSorhC6Gi8e5tLei99rhpzWLOrTF0FrIp8McLHJhdp8Qg==
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: 1c6def4e-b639-484e-8536-49511a1ca2ea
x-amzn-trace-id: Root=1-63f9520a-3d9bd43e435fdc167c842b4f
x-cache: Miss from cloudfront

GET
H/1.1 200
OK weather Show response
www.fox13now.com/ 80 KB
81 KB 17ms
16ms Fetch
application/json 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

029492cd4e517e07e67dfb5c183428fe5d819a14dc3f2cc8971ca0b2621218a0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Date: Sat, 25 Feb 2023 00:08:58 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Via: 1.1 fa8c9f29fb8ef5c537a2a53f4de05240.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 112
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: N/A
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Robots-Tag: nofollow
X-Amz-Cf-Id: EKoznA8MO9YSzaE9agXLsumRhguDzLZ_Wf5kwprVv6W2MG3VQH7YHw==

GET
H/1.1 200
OK breaking-news-alerts Show response
www.fox13now.com/ 68 KB
69 KB 31ms
14ms Fetch
application/json 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/breaking-news-alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

204d60b3d8e31b6b5c5e4980a521c5284b8740f053a475b0894edddaee6b1220

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Date: Sat, 25 Feb 2023 00:08:34 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 135
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Server: N/A
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Robots-Tag: nofollow
X-Amz-Cf-Id: lX4Y_Xk3jgt7NaRqFlUDhiarrRhYOnkM5PmuCdWnI4sC6VIN9mHkKQ==

GET
H/1.1 200
OK alerts Show response
www.fox13now.com/weather/ 66 KB
67 KB 30ms
12ms Fetch
application/json 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/alerts?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

0b9fae203e249a23d7ced81553d81d0d7323d1a9ea3e87725684e6f49798d915

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
X-Content-Type-Options: nosniff
Date: Sat, 25 Feb 2023 00:08:26 GMT
Via: 1.1 39e6266db143f6443f194d8c60e22480.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 143
X-Powered-By: Brightspot
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 67880
Server: N/A
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Robots-Tag: nofollow
X-Amz-Cf-Id: ui0xKPiREE1ULi_YDRKJ1P5qpZsLt1cbzpge9NE9CczT1iCdbohgig==

GET
H/1.1 404
Not Found school-closings-delays Show response
www.fox13now.com/weather/ 63 KB
63 KB 29ms
12ms Fetch
application/json 13.32.99.93
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fox13now.com/weather/school-closings-delays?_renderer=json

Requested by

Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

13.32.99.93 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-99-93.fra60.r.cloudfront.net

Software

N/A / Brightspot

Resource Hash

0729926a3ab32e823402b118b0c2644485c51972d27a8b5e8c8d4d590bad53b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Security-Policy: frame-ancestors 'self' https://cms.scrippsdigital.com
Date: Sat, 25 Feb 2023 00:08:34 GMT
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P3
Age: 135
X-Powered-By: Brightspot
Transfer-Encoding: chunked
X-Cache: Error from cloudfront
Connection: keep-alive
Server: N/A
Content-Type: application/json;charset=UTF-8
Cache-Control: max-age=240
X-Robots-Tag: nofollow
X-Amz-Cf-Id: mOq2cEQ4H6c_tysH2YKGETrJlsu31uDgrfJMVeIN2YYmR0lKlY4K0Q==

GET
H2 200 / Show response
api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/ 7 KB
8 KB 461ms
461ms Fetch
application/json 65.9.66.75
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.ewscloud.com/prod/scheduler/v1/com.fox13now/schedules/current/?type=web
Requested by: Host: ewscripps.brightspotcdn.com
URL: https://ewscripps.brightspotcdn.com/resource/00000186-74a3-db11-a186-f4e7adc10000/styleguide/All.min.b230d564f9d7c352c50715a12ab5d7f7.gz.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.75 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-75.fra56.r.cloudfront.net
Software: /
Resource Hash: 6a39bf6101f2f88de6e648bc5f573820f4ad8a44e83379db0ef6340aadc048ca

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
Authorization: Token bc22df1e0efb4dcb53f2438a4b71da118f05788c
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 3dd91613764eafe7ad199013ce202442.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-trace-id: Root=1-63f9520a-562b795918537b085a073c76
x-amzn-requestid: 327122e6-785c-4cc6-a3de-5b87a2ff131a
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: *
x-amz-apigw-id: A3nBpFFloAMFx6w=
content-length: 7613
x-amz-cf-id: gghCX5ypLoQ8GrrdfUnWxKTJwrR52kEu-fJK-fZxLFAHjW0S3bh2EQ==

GET
H2

200

tag Show response
btloader.com/
Redirect Chain

https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
https://btloader.com/tag?o=5107371200741376&upapi=true

19 KB
7 KB

24ms
24ms

Script
application/javascript

2606:4700:20::681a:68b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://btloader.com/tag?o=5107371200741376&upapi=true
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Server: 2606:4700:20::681a:68b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1d0d1d3b605411b5c3dafe133a2d58bc43cff20eb9a2999bb5c9ab2b942aafb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 24 Feb 2023 23:36:35 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1874
etag: W/"d52dd0675421513c946221fdddd75400"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FV74TEqvbJbI%2BRO4GEDRgPQ%2FLW7w5lfhStbn%2BPbRpyulsFNBOa591NL4WOhBOJS1B6lXqL7vbINHgkHWn1lZ%2FqEP5sJgBovQOv8SsfiGovCFaJqBppcKJ6aE5Icu3UdrnwYP2RvRXJR7Ow%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray: 79ec385f9ecc909a-FRA

Redirect headers

date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 google
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1874
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2KUT0FDZnm2Y86tTVnr9m79vzKOa%2Br2GJzAYMQM%2BUQREgOUiYAqHdjcH0v5ccpNyVfjIIicWdqSh7m%2FRSoQrvJFAWuB%2FA71DhYeBdJbJin9FF3TED3vUnn3hG1CFCLKR1Io7yZEFvOtveQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: /tag?o=5107371200741376&upapi=true
cache-control: public, max-age=3600, must-revalidate
cf-ray: 79ec385f6e8a909a-FRA

POST
H2 200 recordVendorsLoaded Show response
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 0
453 B 112ms
112ms XHR
text/plain 54.83.185.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.185.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-185-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Sat, 25 Feb 2023 00:10:50 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

OPTIONS
H2 200 recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 0
0 342ms
108ms Preflight 54.83.185.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.83.185.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-83-185-72.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fox13now.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length: 0
date: Sat, 25 Feb 2023 00:10:50 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H/1.1 200
OK d3d3LmZveDEzbm93LmNvbQ== Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 150ms
24ms XHR
application/json 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LmZveDEzbm93LmNvbQ==
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:50 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=11748
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 7226245cb2f89387596d0fd553e1023b
Content-Length: 15
Expires: Sat, 25 Feb 2023 03:26:38 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
380 B 26ms
18ms Image
image/gif 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Mar 2023 00:10:50 GMT
date: Sat, 25 Feb 2023 00:10:50 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 115ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5QBX3CF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 22:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 4566
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sat, 25 Feb 2023 00:54:44 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 4 KB
2 KB 71ms
8ms Script
application/javascript 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 00:58:11 GMT
content-encoding: gzip
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 83560
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: 5uzJH2EOf2gpjK-zTHChUgSp31rVOHbT_JK-DKobc3maWSWd3vpEKw==

GET
H2 200 overcast.png
static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/ 3 KB
3 KB 92ms
22ms Image
image/png 2600:9000:206f:1a00:10:618e:d880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ewscloud.com/weathercenter/prod/static/weathericons/daytime/overcast.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1a00:10:618e:d880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: F4ZlcKxOfXJzACRUt6Eu47sqkrqYopb2
date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 14:29:45 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 200
etag: "472ec61e8e2a117758a265abc1d2d247"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=86400
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: HsI-gcGbRpMSUkaDnfu9MfxunxkteFh2XJDj7VAGfzK9O31PUxiQVA==

GET
H2 200 px.gif
ad-delivery.net/ 43 B
866 B 55ms
16ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=2
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2506128
x-guploader-uploadid: ADPycdvnxsZUCITow-aEzYdj5PAK6PWUmVHyfW51PyQoyoaoNKE1jE8O87mS9AUVC8r9vj8GR-dQaqT6cCP-znTQQ5kjEQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Xa1o2s1fTLgcy7GyOrVX4khl7jA8E%2FQM%2BSZd0khcUwOtFhNzaPKl1qqIC7cK7UML6IUQ5DZ%2FPtRlefQaqgtS7oUZNFPeYyfzEUbWVwITv4Nj%2B2eqSOqgep%2BWVXon5bRai8f7cIQCOFjeJwozA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79ec385ffc8d5ba4-FRA
expires: Fri, 27 Jan 2023 01:02:02 GMT

GET
H2 200 favicon.ico
ad.doubleclick.net/ 1 KB
571 B 136ms
38ms Image
image/x-icon 142.250.185.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f6.1e100.net

Software

sffe /

Resource Hash

d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 12:57:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 40399
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104
x-xss-protection: 0
last-modified: Tue, 08 May 2012 13:08:06 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/x-icon
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Feb 2023 12:57:31 GMT

GET
H2 200 px.gif
ad-delivery.net/ 43 B
341 B 55ms
17ms Image
image/gif 2606:4700:20::681a:246
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad-delivery.net/px.gif?ch=1&e=0.3090143360442865
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2506128
x-guploader-uploadid: ADPycdvnxsZUCITow-aEzYdj5PAK6PWUmVHyfW51PyQoyoaoNKE1jE8O87mS9AUVC8r9vj8GR-dQaqT6cCP-znTQQ5kjEQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
content-length: 43
last-modified: Wed, 05 May 2021 19:25:32 GMT
server: cloudflare
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
vary: Accept-Encoding
x-goog-generation: 1620242732037093
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers: *
cache-control: public, max-age=86400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=22x1nYTGTR6OwOOoRdrx%2BTM4dAidCH5JV%2BVpY881rDAZY12wQcmRF9UYm191TYCilu2WLKiQHzouSnWczxua%2FzcnBy5lhaGZaA%2FGdUQGHpOY4%2FFuuhkLLJDzLWRWlseI7N3GZ8iFwAvnqXXKTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 43
accept-ranges: bytes
cf-ray: 79ec38600c8f5ba4-FRA
expires: Fri, 27 Jan 2023 01:02:02 GMT

GET
H2 204 b
sb.scorecardresearch.com/ 0
190 B 9ms
9ms Image
text/plain 13.32.99.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6036471&cs_it=b3&cv=3.8.0.210223&ns__t=1677283850200&ns_c=UTF-8&c7=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&c8=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&c9=
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-90.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: kjr8a32LYxPuexXXyUw_SYKbD1NF0slfhtx4fi87zE4HM4gxpiL9Lg==
x-cache: Miss from cloudfront

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 130ms
27ms Image
image/gif 52.17.99.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1677283850246&plid=5253087&idsite=fox13now.com&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sref=&sts=1677283850240&slts=0&title=Billionaire+Utahn+to+give+away+90%25+of+his+wealth&date=Sat+Feb+25+2023+00%3A10%3A50+GMT%2B0000+(GMT)&action=pageview&pvid=16700884&u=pid%3D9b5ecf30e08faba0323ded86e3bdfc2c
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.99.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-99-225.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:50 GMT
Cache-Control: no-cache
Last-Modified: Saturday, 25-Feb-2023 00:10:50 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 placement_invocation Show response
rock.defybrick.com/ 48 KB
18 KB 39ms
8ms Script
text/javascript 2600:9000:206f:1c00:1a:ba5c:3900:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rock.defybrick.com/placement_invocation?id=65349&idx=0
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1c00:1a:ba5c:3900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: 620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:19:37 GMT
content-encoding: gzip
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-C1
age: 17473
etag: "bf8f-sbLSqLgrhMmD0M6HbtAQ/QtX6WE"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 18460
x-amz-cf-id: vszjisIwqF7lzsBPk5XCbmqEkKFKDB2u-T-I99QZceb3drm_lFf9Vw==
expires: Sat, 25 Feb 2023 07:19:37 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 23:52:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1086
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 25 Feb 2023 00:52:44 GMT

GET
H2 200 show_pla Show response
flint.defybrick.com/ 3 KB
2 KB 392ms
134ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://flint.defybrick.com/show_pla?id=65349&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sf=0&k=&idx=0&ch=&ext=&np=win32&nv=google%20inc.&rand=53916698265181661019550671509752030902305500287422208756679264200851&nc=0&tsf=0&tsfmi=&pv=0&cb=1677283850375&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1037436930&at=&bid=e30%3D&di=W1siZWYiLDYyNDFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImludGVsIGluYy5c%0D%0AIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNs%0D%0AIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZXJcIjpcIndl%0D%0AYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixcImd2ZW5cIjpcIndlYmtpdFwiLFwi%0D%0AYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQgd2ViZ2xcIixcInNlZlwiOjMyMDI4%0D%0AODQzODksXCJzZWNcIjpcIlwifSJdLFszNywiWzMzMTYyMjQwNDksZnVuY3Rpb24obmV3VmFsdWUp%0D%0AIHtcbiAgICAgICAgICAgICAgYWRkQ29udGVudFdpbmRvd1Byb3h5KHRoaXMpXG4gICAgICAgICAg%0D%0AICAgIC8vIFJlc2V0IHByb3BlcnR5LCB0aGUgaG9vayBpcyBvbmx5IG5lZWRlZCBvbmNlXG4gICAg%0D%0AICAgICAgICAgIE9iamVjdC5kZWZpbmVQcm9wZXJ0eShpZnJhbWUsICdzcmNkb2MnLCB7XG4gICAg%0D%0AICAgICAgICAgICAgY29uZmlndXJhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB3cml0YWJs%0D%0AZTogZmFsc2UsXG4gICAgICAgICAgICAgICAgdmFsdWU6IF9zcmNkb2NcbiAgICAgICAgICAgICAg%0D%0AfSlcbiAgICAgICAgICAgICAgX2lmcmFtZS5zcmNkb2MgPSBuZXdWYWx1ZVxuICAgICAgICAgICAg%0D%0AfV0iXSxbLTEsIi0iXSxbLTIsIjEyLGVZRzlYMS9YMXRabFMyMmQ1MXg4WU5ZOU14SlFFTUNkVUJI%0D%0ASkw4NkwyM0FDR1VoQkl3SVNTRUVBY0lKZlJlQWdRSUVGb0luZEN4d1FYamhvMjcxOTZtTWpPdi9y%0D%0AODcwdXhxRngiXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcIm1oamZibWRnY2ZqYmJw%0D%0AYWVvam9mb2hvZWZnaWVoamFpXCIsXCJpbnRlcm5hbC1uYWNsLXBsdWdpblwiXSJdLFstNCwiLSJd%0D%0ALFstNSwiLSJdLFstNiwiLSJdLFstNywiLSJdLFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxb%0D%0ALTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJkZXNjcmlwdGlvblwiLFwib2c6dGl0bGVcIixcIm9n%0D%0AOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOmRlc2NyaXB0aW9uXCIsXCJ0d2l0dGVyOnRpdGxlXCIs%0D%0AXCJvZzpkZXNjcmlwdGlvblwiLFwiZGVzY3JpcHRpb25cIixcInBhcnNlbHktdGl0bGVcIl19Il0s%0D%0AWy0xMiwibnVsbCJdLFstMTMsIi0iXSxbLTE0LCJ7XCJvXCI6MC4wMDQ5MjYxMDgzNzQzODQyMzY1%0D%0AfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwxXSJdLFstMTks%0D%0AIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAw%0D%0ALDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIjIxMjUxMDQ4MTYuMTY3NzI4%0D%0AMzg1MCJdLFstMjEsIlRkN0FMM3pGIl0sWy0yMiwiW1wiblwiLFwiblwiXSJdLFstMjMsIisiXSxb%0D%0ALTI0LCJbXSJdLFstMjUsIi0iXSxbLTI2LCJ7XCJ0amhzXCI6MjMxMDAwMDAsXCJ1amhzXCI6MTgy%0D%0AMDAwMDAsXCJqaHNsXCI6Mzc2MDAwMDAwMH0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJd%0D%0ALFstMjgsImVuLVVTLGVuIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiww%0D%0ALDAsMiwyLDIsMiwwXX0iXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIi0i%0D%0AXSxbLTMzLCItIl0sWy0zNCwiLSJdLFstMzUsIlsxNjc3MjgzODUwMzYwLDBdIl0sWy0zNiwiW1wi%0D%0ANC8zXCIsXCI0LzNcIl0iXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJpLC0xLC0xLDY3NSww%0D%0ALDIsMCw5OCwyMCwyMjgsMzc4LDAsMTMxMi44LDEzMTIuOCwxODk1LDE4OTYiXSxbLTM5LCJbXCIy%0D%0AMDAzMDEwN1wiLDQsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGws%0D%0AdHJ1ZSw4LGZhbHNlLG51bGwsM10iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3%0D%0ANjUzIl0sWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0s%0D%0AWy00NSwiLSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnki%0D%0AXSxbLTQ4LCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw1N11d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A325%2C%22y%22%3A2680%2C%22w%22%3A610%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=z3SUKGbkrm&sdd=%7B%7D&pto=1910
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 1781cb2627a14a3c2e92e65d71c4650dd673d547c784f080b113052581abb942

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: text/javascript
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1579
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 country Show response
api.btloader.com/ 16 B
203 B 160ms
114ms Fetch
application/json 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/country
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
via: 1.1 google
vary: Origin
content-type: application/json
access-control-allow-origin: *
cache-control: private, max-age=300, stale-while-revalidate=600, stale-if-error=600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16

GET
H2 204 pv Show response
api.btloader.com/ 0
66 B 160ms
114ms XHR
text/plain 130.211.23.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.btloader.com/pv?tid=dM1oaboa8H&w=5067989034991616&o=5107371200741376&cv=2.1.07-4-g5b119f8&r=false&vr=1600x1200&pageURL=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&sid=J7b6Kcjd&upapi=true
Requested by: Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX21O2VJ&upapi=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 194.23.211.130.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 25 Feb 2023 00:10:50 GMT
cache-control: no-cache, no-store, must-revalidate
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary: Origin

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
350 B 78ms
18ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-27022641-1&cid=2125104816.1677283850&jid=628247521&gjid=1523569140&_gid=1528028454.1677283850&_u=aHBAiEAjBAAAAEAAI~&z=2115320834

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Feb 2023 00:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
69 B 72ms
19ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-29479748-9&cid=2125104816.1677283850&jid=148889518&gjid=98849882&_gid=1528028454.1677283850&_u=aHDAiEAjBAAAAEAAI~&z=209055235

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Feb 2023 00:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
67 B 68ms
19ms XHR
text/plain 2a00:1450:4025:401::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-40066851-1&cid=2125104816.1677283850&jid=1420888769&gjid=534250982&_gid=1528028454.1677283850&_u=aHDAiEAjBAAAAEAAI~&z=380905660

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4025:401::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 25 Feb 2023 00:10:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=141969756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHBAiEAjBAAAAAAAI~&jid=628247521&gjid=1523569140&cid=2125104816.1677283850&tid=UA-27022641-1&_gid=1528028454.1677283850&gtm=45He32m0n815QBX3CF&cd20=10%2F16%2F2021&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd26=465&cd30=&cd31=true&z=857790975

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 03:14:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75396
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 39ms
38ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=141969756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAEAAI~&jid=148889518&gjid=98849882&cid=2125104816.1677283850&tid=UA-29479748-9&_gid=1528028454.1677283850&gtm=45He32m0n815QBX3CF&cd20=10%2F16%2F2021&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd26=465&cd30=&cd31=true&z=1240835195

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 03:14:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75396
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 40ms
39ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=141969756&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&ul=en-us&de=UTF-8&dt=Billionaire%20Utahn%20to%20give%20away%2090%25%20of%20his%20wealth&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiEAjBAAAAEAAI~&jid=1420888769&gjid=534250982&cid=2125104816.1677283850&tid=UA-40066851-1&_gid=1528028454.1677283850&gtm=45He32m0n815QBX3CF&cd20=10%2F16%2F2021&cd21=Jeff%20Tavss&cd22=&cd23=Local%20News&cd24=Homepage%20Showcase%2CLocal%20News%2CInstagram&cd26=465&cd30=&cd31=true&z=1731360498

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 24 Feb 2023 03:14:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 75396
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 76 KB
27 KB 139ms
44ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5f419c192e605d0d0bfac0ef0835ffdeb6691358a09d43a186656a4e3f6c02b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26855
x-xss-protection: 0
server: sffe
etag: "1493 / 505 of 1000 / last-modified: 1677280148"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Feb 2023 00:10:50 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 127ms
46ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-27022641-1&cid=2125104816.1677283850&jid=628247521&_u=aHBAiEAjBAAAAEAAI~&z=567909898

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 136ms
51ms Image
image/gif 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-27022641-1&cid=2125104816.1677283850&jid=628247521&_u=aHBAiEAjBAAAAEAAI~&z=567909898

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:50 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hls.7a479ee5958b6acc066e.js
cds.connatix.com/p/233833/ Frame 3A0B 0
52 KB 6ms
6ms Other
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/233833/hls.7a479ee5958b6acc066e.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
last-modified: Fri, 24 Feb 2023 14:53:08 GMT
age: 32766
etag: "db2642cb874da33a493432fbc153c9e2"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 53212

GET
H2 200 connatix.playspace.css
cds.connatix.com/p/233833/ 113 KB
18 KB 7ms
7ms Stylesheet
text/css 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/233833/connatix.playspace.css
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b4d9ab4cbc759ed850fb6e32c02a2e0342a4f2854afa475eab14fd7fcdaf08c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
last-modified: Fri, 24 Feb 2023 14:53:08 GMT
age: 32766
etag: "e8f14a0b385cc5427a474afdca7f3638"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/css
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 18459

POST
H2 200 story Show response
capi.connatix.com/core/ Frame 3A0B 2 KB
1 KB 181ms
143ms XHR
application/x-protobuf 104.18.22.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/story?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.22.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b8f08ac6ae2c7c8779a1336c92dbbb92f35912ee366d0624ffb289db0263f48

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
cf-ray: 79ec3862fc9068f2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 pubads_impl_2023022301.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 139ms
38ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 23:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88973
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132695
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 09:36:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 23:27:57 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 1 KB
981 B 139ms
44ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.fox13now.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f3d7c3a88135a3a10c5d4dcbb8ec96a4ffbe0bf2d5ed93681b96a967f997dcce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 438
x-xss-protection: 0
expires: Sat, 25 Feb 2023 00:10:50 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 409ms
84ms XHR
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1677283850762&sessionId=62d73c14-2b2a-8167-8d81-afa58ecf8880&url=www.fox13now.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:51 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 807371a36ff05157222d39670d54e94e
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 35 KB
8 KB 194ms
123ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&idx=0&rand=5885&key=NANOWDGT01&widgetJSId=AR_11&va=true&et=true&format=html&adblck=false&abwl=false&clid=62d73c14-2b2a-8167-8d81-afa58ecf8880&fdu=www.fox13now.com&px=325&py=2680&vpd=1480&cw=610&activeTab=true&ab=0&wl=0&obRecsAbtestVars=1174:3820&settings=true&recs=true&version=2010189&sig=Td7AL3zF&apv=false&&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpa=1---&ccpaStat=1&chs=1&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31edca22e24ffa4f4160bf05db2242e4deee151bc37c2eda0229ddcefdf3d19e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1677283851.838663,VS0,VE116
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga13629-LGA, cache-hhn-etou8220043-HHN
x-traceid: 2e8b9b630b7347a45c3c88b75651cfd4
accept-ranges: bytes
content-length: 7869
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 393ms
85ms XHR
application/json 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1677283850779&sessionId=62d73c14-2b2a-8167-8d81-afa58ecf8880&url=www.fox13now.com&cheqSource=1&cheqEvent=2&responseTime=518
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:51 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: d935455be1557f285214e9a8d9a24ff1
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
flint.defybrick.com/tracker/ 43 B
79 B 109ms
109ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://flint.defybrick.com/tracker/imp.gif?e=37dfbd8ee84e00136de9c53de94f8f9d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604289e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82d1808f77f6aac98157aefdffc64ec57a917f0dd07c74cccd17cc22a2984db7299779ac0edf58cbab71a2ca27be2b9f22d053cb9d03692bc17e7444603df540fd7d5d59981b2c527df21d6deedc85ec54d5814aa5f0ddbc5c31b7587ef20fd55b4934bc370af7a461b539b61e95b8b90fc25e981639c1da7c19ccc7780191c2de84b011f7a446494fd6fb95098cd8a2be89262e88161d48fe8fd73c0bce04a773388e2504ad0ba055909e4ebad23e06bc2b441abbf33e525e664880293459eb535c70778b2b3ca3f7c2227567b57184fb8fd9e388710bd4452516bade50c80c60a06ffa4cdf8e07ec886e5e09bf9adf6574c3efd5b85b550729e45651acb7e5b7168ea66ac701ddef6c2658a7cca238ba941d1aa5e8b711d5555106001ced2eeda206910cb0a4f91cfcbf8e5881550dcc3e238c88b2a258fc018782bbcc4c54462f7358f5fd2&cb=1677283850779&cri=z3SUKGbkrm
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:50 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

POST
H/1.1 200
OK sr Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 3A0B 0
317 B 513ms
118ms XHR
application/x-protobuf 52.15.102.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.102.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-102-142.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 76 KB
26 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa478652d3c012008eecf1268ff0b340d88be662acc3cde584628f39c7bbc236

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26563
x-xss-protection: 0
server: sffe
etag: "1493 / 722 of 1000 / last-modified: 1677280057"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 25 Feb 2023 00:10:50 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3A0B 361 KB
121 KB 147ms
45ms Script
text/javascript 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 123572
x-xss-protection: 0
expires: Sat, 25 Feb 2023 00:10:51 GMT

GET
H2 200 11370fb9-39ee-493f-93d4-24f5c95c987f.bin Show response
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ Frame 3A0B 7 KB
7 KB 61ms
21ms XHR
application/octet-stream 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/11370fb9-39ee-493f-93d4-24f5c95c987f.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad8f910bdbf8d93555b655d7c147003525302132ce9ea263417efec3632796a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6958
last-modified: Fri, 24 Feb 2023 03:20:58 GMT
server: cloudflare
etag: "34e3f062d2ec6837823be26da6e82ed9"
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: *
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
accept-ranges: bytes
cf-ray: 79ec38649cf22c39-FRA
access-control-allow-headers: range
expires: Sun, 25 Feb 2024 00:10:50 GMT

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
503 B 163ms
52ms XHR
text/javascript 65.9.71.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=ttUCY8aEaJRcW&cb=0&ws=1600x1200&v=23.203.336&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_INVIEW%22%2C%22s%22%3A%5B%22728x90%22%5D%7D%2C%7B%22sd%22%3A%22MAD_RIGHT_RAIL%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.208 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-208.fra56.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: X51B963PMAHZPXXHPAHG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: w5Rf_21-H0lUXQJD91mXuSmleC_ydgtDnwMT_4Ot4adpJ3AJ7TUccQ==

POST
H/1.1 200
OK ao Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 3A0B 0
317 B 471ms
118ms XHR
application/x-protobuf 52.15.102.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.102.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-102-142.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:50 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK ps Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 3A0B 0
317 B 473ms
118ms XHR
application/x-protobuf 52.15.102.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.102.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-102-142.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 74e89eff-8fb4-47d3-94d0-42844224da5e.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 35 KB
34 KB 49ms
14ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/74e89eff-8fb4-47d3-94d0-42844224da5e.jpg?crop=600:410,smart&width=600&height=410&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 451bea371e363e4ce53f534aa901ae25067efc06286d18bc6c7088dff0a24e1c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74894
etag: "hQ5tFkb0F5++BWanxw2PMQn/bPj5otTwAdXAGt7GvLk"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=87727 idim=1280x720 ifmt=jpeg ofsz=35502 odim=600x410 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 34617

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
505 B 82ms
49ms XHR
text/javascript 65.9.71.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=ttUCY8aEaJRcW&cb=1&ws=1600x1200&v=23.203.336&t=2000&slots=%5B%7B%22id%22%3A%22Connatix_Instream_Video%22%2C%22mt%22%3A%22v%22%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.208 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-208.fra56.r.cloudfront.net

Software

Server /

Resource Hash

8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: 20NNY0MAXX3270XYZC8W
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: ezDJF36mVbbD61jdv5C63o8PY0FjIMSH4zgvKS0eaTq-gJR7MB_NiA==

GET
H2 200 74e89eff-8fb4-47d3-94d0-42844224da5e.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 31 KB
30 KB 54ms
22ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/74e89eff-8fb4-47d3-94d0-42844224da5e.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 05dea6c77ac68974d5bbce61a61d9845122cb2109c7bf2526809cfcbff44564c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74895
etag: "JynQfATv8kmrW++J5vXvqqVwfkkMs33zHelvgDBeUOA"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=87727 idim=1280x720 ifmt=jpeg ofsz=31457 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 30447

GET
H2 200 22d5b1bc-8718-49b6-aa66-9776b6e1c971.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 24 KB
24 KB 53ms
21ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/22d5b1bc-8718-49b6-aa66-9776b6e1c971.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6e91bded8ac0fe50742250b3dbb81d08775e181bdb4e600af79b39ad9b8838d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74893
etag: "O9kbxkqXMV+2kvWpo0oYCkXbBhsCQW6L/9X/VkXNFHM"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=1258983 idim=1280x720 ifmt=png ofsz=24300 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 23929

GET
H2 200 b15f8613-172a-46f0-89fb-f8620a880254.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 17 KB
16 KB 51ms
19ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/b15f8613-172a-46f0-89fb-f8620a880254.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 26148ded0aed1146634fc71c52fe8458e89dae6acf31090ab279de392a7dac88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74893
etag: "hLcTTLLQE2929lhMmI6zBL2r3hY0WVBcw5undR3vUSk"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=856588 idim=1280x720 ifmt=png ofsz=17073 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 16729

GET
H2 200 7cec8ec5-6d7f-4dc8-8c5f-58937053aba5.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 18 KB
18 KB 47ms
15ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/7cec8ec5-6d7f-4dc8-8c5f-58937053aba5.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a454d870a975028817fe383ce0c49f667e1187651b054bbf3d69fd748134c62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74893
etag: "i15JN1t/ojbVTQhhghXjtREZLMrAqpvvhpM61PYd5pE"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=749672 idim=1280x720 ifmt=png ofsz=18801 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 18302

GET
H2 200 577f8c74-3587-489d-8f5c-523d66a100b5.jpg
img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 16 KB
15 KB 46ms
15ms Image
image/jpeg 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/577f8c74-3587-489d-8f5c-523d66a100b5.jpg?crop=600:338,smart&width=600&height=338&format=jpeg&quality=60&fit=crop
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2393a5f9012a549669d8dd7755e0411f25292d26d1aa3e2752795f2906adb5b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
age: 74893
etag: "A4j0yO0gc7TyHXAs3It0587CxOXPlWDB0DjhyaVXHKs"
x-amz-server-side-encryption: AES256
access-control-max-age: 86400
content-type: image/jpeg
fastly-io-info: ifsz=494257 idim=1280x720 ifmt=png ofsz=16266 odim=600x338 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=2592000, public
fastly-stats: io=1
accept-ranges: bytes
content-length: 15713

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
505 B 109ms
81ms XHR
text/javascript 65.9.71.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3295&u=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&pid=ttUCY8aEaJRcW&cb=2&ws=1600x1200&v=23.203.336&t=1500&slots=%5B%7B%22sd%22%3A%22MAD_HEADER%22%2C%22s%22%3A%5B%22970x250%22%2C%22728x90%22%2C%22970x90%22%2C%22994x30%22%2C%2210x1%22%5D%7D%5D&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.71.208 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-71-208.fra56.r.cloudfront.net

Software

Server /

Resource Hash

f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C1
x-amz-rid: B3XY94J6WPYNKXRZT9BN
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: CpxSw-F06B_X7G0PtDmlRDg0aXHGdGl-W4X1Vyk_KW9lvDH1TweczA==

GET
H3 206 13461e30-0e10-4014-b6cc-9b427b2e33a8_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 67 KB
0 53ms
35ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/13461e30-0e10-4014-b6cc-9b427b2e33a8_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 0-1298366/1298367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1298367
last-modified: Fri, 24 Feb 2023 03:20:53 GMT
server: cloudflare
etag: "982367c8d7075e5a8585f18c26d213f8"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38655a0591fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H3 206 4642673b-16c9-4893-ba4b-0f20066675df_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 163 KB
0 43ms
25ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/4642673b-16c9-4893-ba4b-0f20066675df_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 0-1141696/1141697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1141697
last-modified: Fri, 24 Feb 2023 03:20:58 GMT
server: cloudflare
etag: "a6f6c7e72d8f4c5ba9e73ffa12acdbe4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38655a0691fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H3 206 cd5c3942-3808-46f5-9b98-51a849f31bdc_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 242 KB
0 108ms
91ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/cd5c3942-3808-46f5-9b98-51a849f31bdc_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 0-1200978/1200979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1200979
last-modified: Fri, 24 Feb 2023 03:20:54 GMT
server: cloudflare
etag: "44132cce4067453a907fb44024c68ff3"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38655a0791fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H3 206 3c48c937-39d3-4a11-a2fb-218fffed64cc_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1 MB
0 166ms
149ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/3c48c937-39d3-4a11-a2fb-218fffed64cc_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 0-1370981/1370982
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1370982
last-modified: Fri, 24 Feb 2023 03:20:53 GMT
server: cloudflare
etag: "db6c30c1aac4402fe722f1666fb6dba0"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38655a0891fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H3 206 bde519bc-9083-4c4b-b2fc-96ddc471d1e0_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 110 KB
0 120ms
104ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/bde519bc-9083-4c4b-b2fc-96ddc471d1e0_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 0-1266133/1266134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1266134
last-modified: Fri, 24 Feb 2023 03:20:53 GMT
server: cloudflare
etag: "19aebd8c0e4feccaabeadd2035696bec"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38655a0991fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H2 200 ob_logo_67x12.png
widgets.outbrain.com/images/widgetIcons/ 2 KB
3 KB 25ms
24ms Image
image/png 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo_67x12.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Mar 2023 00:10:51 GMT
date: Sat, 25 Feb 2023 00:10:51 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "c52b07e749f7a09fa7b97b7e195e06ce:1673369415.187551"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2326
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 990 B
1 KB 19ms
18ms Image
image/svg+xml 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Mar 2023 00:10:51 GMT
date: Sat, 25 Feb 2023 00:10:51 GMT
last-modified: Tue, 10 Jan 2023 16:40:08 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 380ms
92ms Fetch
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=56e20dec7b81c457a864c28fa1952ec2_38984_1677283850908&tm=989&eT=0&widgetWidth=610&widgetHeight=27&widgetX=325&widgetY=3158&wRV=2010189&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&cheq=2&rtt=319&oo=true&lo=1449&odbreq=2297&odbres=2616&cet=4g&to=1677283848467&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:51 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 7bf2d81305e0d87d990e8134217803e5
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2010189/module/ 33 KB
13 KB 20ms
18ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2010189/module/streamFeed.js?e=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: d5ff91865d995591bc5aff1faff0e4f1887a72b6995d7de350030f11f6a6bb6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
content-length: 12773
last-modified: Wed, 22 Feb 2023 11:49:12 GMT
server: AkamaiNetStorage
etag: "d9e6e9dd57847c79ab110153dcd58095:1677068841.713377"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=604800
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 04 Mar 2023 00:10:51 GMT

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 152 KB
39 KB 772ms
766ms Script
text/javascript 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&settings=true&recs=true&widgetJSId=AR_11&key=NANOWDGT01&version=2010189&apv=false&sig=Td7AL3zF&format=html&rand=10534&osLang=en-US&seid=null&va=true&et=true&cmpStat=0&ccpa=1---&ccpaStat=1&scrW=1600&scrH=1200&t=NTZlMjBkZWM3YjgxYzQ1N2E4NjRjMjhmYTE5NTJlYzI=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=no_abtest&clss=OFM3h3QL3fGCxJlVhzbjDaf9NEbP0xHrbMpk0j7dK7iqBiVTWb0uIHsfX8Psn%2BO4AKDkrlMl4GehB3ea&dpr=1&cw=610&activeTab=true&ogn=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&rw=CR_12&obRecsAbtestVars=1174:3820&chs=1
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: a592740285723e2719318aa6407e0405fd95e341dfe114b8f5894e63078e1351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-cache-hits: 0, 0
date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1677283851.138448,VS0,VE759
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-served-by: cache-lga21945-LGA, cache-hhn-etou8220043-HHN
x-traceid: ced00473363e5ef2cf706314dc8cf718
accept-ranges: bytes
content-length: 39685
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 config Show response
prebid.media.net/rtb/prebid/analytics/ 45 B
271 B 68ms
19ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid/analytics/config?cid=8CU2N1270&dn=www.fox13now.com
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=900, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 25 Feb 2023 00:25:51 GMT

GET
H3 206 13461e30-0e10-4014-b6cc-9b427b2e33a8_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 1 MB
0 122ms
121ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/13461e30-0e10-4014-b6cc-9b427b2e33a8_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=65536-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 65536-1298366/1298367
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1232831
last-modified: Fri, 24 Feb 2023 03:20:53 GMT
server: cloudflare
etag: "982367c8d7075e5a8585f18c26d213f8"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec3865ea5391fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 23 B
239 B 159ms
27ms XHR
application/json 35.156.32.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.32.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-32-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: dff464a4288fb7c34c91a0d0b74eb9413e708f0563bfff23363265eeac817a59

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fox13now.com
date: Sat, 25 Feb 2023 00:10:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 48
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
400 B 55ms
24ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2N1270
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 25 Feb 2023 00:10:51 GMT

POST
H2 200 auction Show response
bidder.newspassid.com/openrtb2/ 105 B
315 B 505ms
225ms XHR
application/json 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/openrtb2/auction
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: 0e971a6c0d48b9d8cab8aa3c2edbe66120afbab371d54a76c931e9e28a1f4921

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:51 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 105
expires: 0

POST
H2 200 hbjson Show response
grid.bidswitch.net/ 24 B
241 B 135ms
19ms XHR
application/json 35.156.32.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://grid.bidswitch.net/hbjson?sp=trustx
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.32.230 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-32-230.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 716692d351245392c048ab3e22c55e22d49c416476f23cf7bdbe2677b09dc64b

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fox13now.com
date: Sat, 25 Feb 2023 00:10:51 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
access-control-allow-credentials: true
content-length: 49
content-type: application/json

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 32 B
116 B 43ms
26ms XHR
application/json 34.107.148.139
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CU2N1270
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
via: 1.1 google
server: nginx
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
expires: Sat, 25 Feb 2023 00:10:51 GMT

POST
H2 200 auction Show response
bidder.newspassid.com/openrtb2/ 104 B
315 B 457ms
189ms XHR
application/json 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/openrtb2/auction
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: dceb3bfb71ace8bdb05066f1dda376bbc6756c7a40daa5fc7ad9dae154f469b4

Request headers

Referer: https://www.fox13now.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:51 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 104
expires: 0

GET
H2 200 bridge3.557.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1504 694 KB
222 KB 44ms
40ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227119
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:50:12 GMT
expires: Sat, 24 Feb 2024 16:50:12 GMT
last-modified: Tue, 21 Feb 2023 14:27:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3A0B 44 KB
17 KB 145ms
46ms Script
text/javascript 2a00:1450:4001:806::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 25 Feb 2023 00:10:51 GMT

GET
H2 200 bridge3.557.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 28B9 694 KB
222 KB 66ms
64ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227119
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:50:12 GMT
expires: Sat, 24 Feb 2024 16:50:12 GMT
last-modified: Tue, 21 Feb 2023 14:27:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 bridge3.557.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BA35 694 KB
222 KB 75ms
73ms Document
text/html 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.557.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 26439
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 227119
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 16:50:12 GMT
expires: Sat, 24 Feb 2024 16:50:12 GMT
last-modified: Tue, 21 Feb 2023 14:27:34 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 4642673b-16c9-4893-ba4b-0f20066675df_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 955 KB
0 22ms
22ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/4642673b-16c9-4893-ba4b-0f20066675df_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=163840-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 163840-1141696/1141697
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 977857
last-modified: Fri, 24 Feb 2023 03:20:58 GMT
server: cloudflare
etag: "a6f6c7e72d8f4c5ba9e73ffa12acdbe4"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38682bee91fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H3 206 bde519bc-9083-4c4b-b2fc-96ddc471d1e0_360_h264.mp4
vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/ 721 KB
0 25ms
24ms Media
video/mp4 104.18.23.41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/pid-f81d3fc1-e408-46bb-af10-fcef63eb862e/6cafd862-f676-49df-acb7-4da0d0f80ca1/bde519bc-9083-4c4b-b2fc-96ddc471d1e0_360_h264.mp4
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.23.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://www.fox13now.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Range: bytes=98304-

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
cf-cache-status: HIT
Content-Range: bytes 98304-1266133/1266134
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length: 1167830
last-modified: Fri, 24 Feb 2023 03:20:53 GMT
server: cloudflare
etag: "19aebd8c0e4feccaabeadd2035696bec"
vary: Accept-Encoding
access-control-allow-methods: *
content-type: video/mp4
access-control-allow-origin: *
cache-control: public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age: 86400
cf-ray: 79ec38688c2a91fc-FRA
access-control-allow-headers: range
xpid: f81d3fc1-e408-46bb-af10-fcef63eb862e
expires: Sun, 25 Feb 2024 00:10:51 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 181ms
45ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 130ms
47ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.fox13now.com

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
12 KB 329ms
329ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1326746779128430&correlator=2621681789295896&eid=31072028%2C31072675%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=6088%2Cssp.kstu%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=970x250%7C728x90%7C970x90%7C994x30%7C10x1&ifi=1&adks=1666007649&sfv=1-0-40&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C2%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D30-39%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_prebidmanage%3D1%26hb_abt%3Dmp&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677283851691&lmt=1677283851&dlt=1677283849488&idt=1473&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=1500x0&msz=970x0&fws=132&ohw=1600&ga_vid=2125104816.1677283850&ga_sid=1677283852&ga_hid=141969756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9c8487f83633ad7b175b94d036fa0dd648a116082a893a9c1960b6de1292cdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:51 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 85226
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12624
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 104446
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 8176 6 KB
3 KB 191ms
43ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:51 GMT
expires: Sun, 25 Feb 2024 00:10:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 166 KB
51 KB 377ms
377ms XHR
text/plain 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1326746779128430&correlator=2650908525617046&eid=31072028%2C31072675%2C31071663&output=ldjh&gdfp_req=1&vrg=2023022301&ptt=17&impl=fifs&us_privacy=1---&iu_parts=6088%2Cssp.kstu%2Cinview-bottom%2Cnews%2Clocal_news%2Cdetail&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2F4%2F5&prev_iu_szs=728x90%2C300x600%7C300x250&ifi=2&adks=173361388%2C3237403784&sfv=1-0-40&prev_scp=categories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D30-39%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_prebidmanage%3D1%26hb_abt%3Dmp%7Ccategories%3Dhomepage%2520showcase%252Clocal%2520news%252Cinstagram%26pt%3Ddetail%252Cfalse%26fname%3Dbillionaire-utahn-to-give-away-90-of-his-wealth%26site%3Dprod%26device%3Ddesktop%26pos%3Dabove%252C1%26au%3Dnews%252Flocal_news%252Fdetail%26refresh%3D0%26temp%3D30-39%26weather%3Dcloudy%26amznbid%3D2%26amznp%3D2%26hb_prebidmanage%3D1%26hb_abt%3Dmp&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1677283851712&lmt=1677283851&dlt=1677283849488&idt=1473&adxs=-12245933%2C975&adys=-12245933%2C924&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0&ucis=2%7C3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.fox13now.com%2Fnews%2Flocal-news%2Fbillionaire-utahn-to-give-away-90-of-his-wealth&frm=20&vis=1&psz=1600x0%7C300x30&msz=1600x-1%7C300x30&fws=644%2C4&ohw=1600%2C1070&ga_vid=2125104816.1677283850&ga_sid=1677283852&ga_hid=141969756&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4678c7b68015a2edf29f963005eac0518d032dde277bab49dcfb98198fd19328

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGNsKGxr_0CFXXeEQgdaQAIYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/16109559932968589349/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CMGNsKGxr_0CFXXeEQgdaQAIYA&gqi=&layout=/sadbundle/%24csp%253Der3%24/16109559932968589349/index.html
date: Sat, 25 Feb 2023 00:10:52 GMT
x-content-type-options: nosniff
content-encoding: br
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52669
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fox13now.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fca27920d5520cea2a59b94003b48f362a.webp
zem.outbrainimg.com/p/srv/sha/3a/dc/68/ 14 KB
14 KB 85ms
13ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/3a/dc/68/fca27920d5520cea2a59b94003b48f362a.webp?w=320&h=180&fit=crop&crop=center&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

21753cd170ea906a9b7a3459d71c7a936ecf8ae359c00f386a7e8cd11fb50558

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 2556700
x-cache: HIT, HIT, HIT
x-imgix-id: b7b324e0828f9bf4c3262cd35d99667c6f94a727
cross-origin-resource-policy: cross-origin
content-length: 14213
x-served-by: cache-sjc10060-SJC, cache-hhn-etou8220049-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.1096
last-modified: Thu, 26 Jan 2023 09:59:11 GMT
server: imgix
x-timer: S1677283852.016150,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 disclosure.png
widgets.outbrain.com/external/vendors/ 476 B
815 B 19ms
19ms Image
image/png 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/external/vendors/disclosure.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

expires: Mon, 27 Mar 2023 00:10:51 GMT
date: Sat, 25 Feb 2023 00:10:51 GMT
last-modified: Sun, 05 Feb 2023 10:58:43 GMT
server: AkamaiNetStorage
etag: "4d39e26ad7c27bebbc022d353bf4bbb6:1675594841.662282"
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 476
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H2 200 933f435d971724550e80c9e5f12ff4175f.png
zem.outbrainimg.com/p/srv/sha/c0/37/68/ 14 KB
14 KB 91ms
19ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/c0/37/68/933f435d971724550e80c9e5f12ff4175f.png?w=320&h=180&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

c10c5b621b89667c8083849c03808337327ebfe31d832b55652b4abcaa803248

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 379663
x-cache: HIT, MISS, HIT
x-imgix-id: 776c0f97a3cf10c8dd60b78f7fbc6ca6685bf094
cross-origin-resource-policy: cross-origin
content-length: 14262
x-served-by: cache-sjc10079-SJC, cache-hhn-etou8220067-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.0
last-modified: Mon, 20 Feb 2023 14:43:08 GMT
server: imgix
x-timer: S1677283852.016740,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 c0a8188828a33c9e97c27569ab1b22d1a3.jpg
zem.outbrainimg.com/p/srv/sha/69/c6/ce/ 17 KB
17 KB 91ms
21ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/69/c6/ce/c0a8188828a33c9e97c27569ab1b22d1a3.jpg?w=320&h=180&fit=crop&crop=center&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

6880a63068ff8427cafc59406647c07320aead257280260c72a87d6826522b5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 659585
x-cache: MISS, MISS, HIT
x-imgix-id: 8ae41442365a74dc9b7c74f88b52e416d365fd25
cross-origin-resource-policy: cross-origin
content-length: 17459
x-served-by: cache-sjc10058-SJC, cache-hhn-etou8220022-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.0
last-modified: Fri, 17 Feb 2023 08:57:46 GMT
server: imgix
x-timer: S1677283852.016834,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 0db9d5cb70d584a91019baf8ab7afd3c91.jpg
zem.outbrainimg.com/p/srv/sha/a4/a1/c1/ 17 KB
18 KB 84ms
14ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/a4/a1/c1/0db9d5cb70d584a91019baf8ab7afd3c91.jpg?w=320&h=180&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

48a93726f2b0e70a9f55cb0e29b83f3d87c2d6ca21a777a127b5ffc1980fac70

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 1942345
x-cache: HIT, MISS, HIT
x-imgix-id: d127c764a1320af5331c6dbc1e96d8cbaaf4df96
cross-origin-resource-policy: cross-origin
content-length: 17715
x-served-by: cache-sjc10036-SJC, cache-hhn-etou8220068-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.1104
last-modified: Thu, 02 Feb 2023 12:38:26 GMT
server: imgix
x-timer: S1677283852.016521,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 39e68085150c2a29ae8c4e147e9abc645b.jpg
zem.outbrainimg.com/p/srv/sha/d3/d0/b7/ 16 KB
16 KB 83ms
13ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/d3/d0/b7/39e68085150c2a29ae8c4e147e9abc645b.jpg?w=320&h=180&fit=crop&crop=center&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

78920238e3da7954274aebb7babb5aa4700a88bf9b87521a2a49803438a1f612

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 3114478
x-cache: HIT, HIT
x-imgix-id: 90830bae7ef3616a234ff89a605e0d16a9430013
cross-origin-resource-policy: cross-origin
content-length: 16069
x-served-by: cache-hhn-etou8220078-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.1096
last-modified: Thu, 19 Jan 2023 23:02:53 GMT
server: imgix
x-timer: S1677283852.016500,VS0,VE1
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H2 200 7ff8681dc53d7f9aaf5b2377ee0cddd60c.png
zem.outbrainimg.com/p/srv/sha/5b/cc/a8/ 16 KB
16 KB 91ms
22ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/5b/cc/a8/7ff8681dc53d7f9aaf5b2377ee0cddd60c.png?w=320&h=180&fit=crop&crop=faces&fm=jpg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

4d2c89832e34211173a0991f814df6d9a7e01de87c84103b196da2fa92e0a816

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 349797
x-cache: MISS, MISS, HIT
x-imgix-id: e9fdb73fb19fb5dcd4ce512238551736a0d1c7f1
cross-origin-resource-policy: cross-origin
content-length: 16082
x-served-by: cache-sjc10063-SJC, cache-hhn-etou8220071-HHN, cache-hhn-etou8220060-HHN
x-imgix-render-farm: 01.0
last-modified: Mon, 20 Feb 2023 23:00:54 GMT
server: imgix
x-timer: S1677283852.016518,VS0,VE2
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 93ms
93ms Fetch
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=96c6ce85198aab4d18db2cf939ced0ee_38984_1677283851554&tm=1837&eT=0&widgetWidth=610&widgetHeight=624&widgetX=325&widgetY=3225&wRV=2010189&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=790&oo=true&lo=1449&odbreq=2297&odbres=2616&mvreq=2661&mvres=3454&re=3467&cet=4g&cs=3&to=1677283848467&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:51 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 443c33177d03a413ee36216073add719
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F02E 361 B
622 B 19ms
18ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2BC4 361 B
622 B 19ms
19ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F8E0 361 B
622 B 23ms
21ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B38F 361 B
622 B 22ms
22ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EE9A 361 B
622 B 21ms
20ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F4D0 361 B
622 B 21ms
20ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 175ms
93ms Fetch
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=565a8e4a070caa138ad5840393c38a5d_38984_1677283851694&tm=1866&eT=0&widgetWidth=610&widgetHeight=780&widgetX=325&widgetY=3849&wRV=2010189&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=790&oo=true&lo=1449&odbreq=2297&odbres=2616&mvreq=2661&mvres=3454&re=3498&cet=4g&cs=3&to=1677283848467&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:52 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 873d43d108bc2439bc305daa03d64791
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 9329 361 B
622 B 20ms
19ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E0B6 361 B
622 B 20ms
19ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D02C 361 B
622 B 24ms
22ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 40CE 361 B
622 B 21ms
21ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:51 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:51 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B011 361 B
622 B 35ms
16ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 07D8 361 B
622 B 33ms
15ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4DAE 361 B
622 B 34ms
21ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E16B 361 B
622 B 35ms
21ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AF5D 361 B
622 B 28ms
20ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
330 B 249ms
93ms Fetch
text/plain 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=4aa08bb5d4020699de0543a899c50da3_38984_1677283851840&tm=1885&eT=0&widgetWidth=610&widgetHeight=624&widgetX=325&widgetY=4629&wRV=2010189&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&ccpa=1---&rtt=790&oo=true&lo=1449&odbreq=2297&odbres=2616&mvreq=2661&mvres=3454&re=3517&cet=4g&cs=3&to=1677283848467&chs=1&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:52 GMT
Access-Control-Expose-Headers: content-range
X-TraceId: 75e8110ee436998029e8a0a2ebfb609b
Content-Length: 2
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Content-Type: text/plain; charset=UTF-8

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 955D 361 B
622 B 24ms
18ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8B63 361 B
622 B 26ms
22ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 obPixelFrame.htm Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7E84 361 B
622 B 24ms
23ms Document
text/html 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Requested by: Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
access-control-allow-origin: *
access-control-request-headers: X-OB-STG,X-OB-PRD
cache-control: max-age=604800
content-encoding: gzip
content-length: 271
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
etag: "06266b158cc1a0b89268d5a7103a27c4:1503211501"
expires: Sat, 04 Mar 2023 00:10:52 GMT
last-modified: Sun, 20 Aug 2017 06:45:01 GMT
server: AkamaiNetStorage
timing-allow-origin: * *
vary: Accept-Encoding

GET
H2 200 eyJpdSI6ImZiOWJmNjE0YTdhYTViNTVlZmQxZmI3NzZiOTNmMWYzZmQ2Y2VlY2NhMGM5OTZhODJmZjY3MzZjN2MyOWVmYTgiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
images.outbrainimg.com/transform/v3/ 2 KB
2 KB 93ms
23ms Image
image/png 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZiOWJmNjE0YTdhYTViNTVlZmQxZmI3NzZiOTNmMWYzZmQ2Y2VlY2NhMGM5OTZhODJmZjY3MzZjN2MyOWVmYTgiLCJ3Ijo0MCwiaCI6NDAsImQiOjIuMCwiY3MiOjAsImYiOjJ9.png
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b01a08c197eb1a54a48b04df53426ac2c8d5b40d836a7dbdaa182f4d261d5084

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
last-modified: Wed, 18 Jan 2023 05:00:13 GMT
access-control-allow-methods: GET,POST
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=255746
access-control-allow-credentials: false
x-traceid: a203096e0109933d341be66cda6847ff
timing-allow-origin: *, *
content-length: 1823

GET
H2 200 eyJpdSI6IjVmMjdiNWQxNmQyZWE1MzhiZWEwYWQyNWIzNjIzZTM0MDFmNzBjYmVlYTg4ZjZhYzM3ZDliZjJkYzJkMDg2MzgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 8 KB
8 KB 82ms
24ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjVmMjdiNWQxNmQyZWE1MzhiZWEwYWQyNWIzNjIzZTM0MDFmNzBjYmVlYTg4ZjZhYzM3ZDliZjJkYzJkMDg2MzgiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 45757680b77a304ad1d170c704814c72db5a4bde6aa26e1b81d749c549a96475

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
last-modified: Fri, 24 Feb 2023 20:37:48 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2454381
access-control-allow-credentials: false
x-traceid: f223a577db2aebbe35b99556a35f86d4
timing-allow-origin: *, *
content-length: 8430

GET
H2 200 eyJpdSI6IjYxZDU0YTVlMmVlMWJjY2I5ZWVkYmRjNjViZTg5NmMxMjNjNmMyZGIxNjYxMzNiNGIwZTVkYmMwNGU3N2ZiMWQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 18 KB
18 KB 107ms
49ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjYxZDU0YTVlMmVlMWJjY2I5ZWVkYmRjNjViZTg5NmMxMjNjNmMyZGIxNjYxMzNiNGIwZTVkYmMwNGU3N2ZiMWQiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f852e47aa1b743f8025836531dded1b9b278ebd6a3d8a275da3af04c79368468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
last-modified: Thu, 16 Feb 2023 19:30:48 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2135303
access-control-allow-credentials: false
x-traceid: 13b9abf1e7e890fdc768e3e1a6af9191
timing-allow-origin: *, *
content-length: 18218

GET
H2 200 eyJpdSI6IjEzZDc5NTdkNTdjMzE1NmRlMmIwNjkwZjJkYWFiN2E2NDRjMTcwZTI3ZjdkOTdlNzE3NDcxYzZhNGVjMDk5NGEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 20 KB
20 KB 83ms
26ms Image
image/webp 23.203.125.156
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjEzZDc5NTdkNTdjMzE1NmRlMmIwNjkwZjJkYWFiN2E2NDRjMTcwZTI3ZjdkOTdlNzE3NDcxYzZhNGVjMDk5NGEiLCJ3IjozMjAsImgiOjE4MCwiZCI6MS4wLCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.203.125.156 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-156.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 297f007c7cdfb5a4b9f50b62772ac549dccd71d88ffc473547a34147004a69ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
last-modified: Tue, 21 Feb 2023 22:19:26 GMT
access-control-allow-methods: GET,POST
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2236550
access-control-allow-credentials: false
x-traceid: dcea3a5b88f77f3610577d09478c95c1
timing-allow-origin: *, *
content-length: 20194

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F02E 2 KB
1 KB 30ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 2BC4 2 KB
1 KB 27ms
22ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F8E0 2 KB
1 KB 21ms
21ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B38F 2 KB
1 KB 31ms
31ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame EE9A 2 KB
1 KB 26ms
24ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame F4D0 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 9329 2 KB
1 KB 19ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E0B6 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 40CE 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame D02C 2 KB
1 KB 19ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 07D8 2 KB
1 KB 25ms
24ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame B011 2 KB
1 KB 20ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 955D 2 KB
1 KB 22ms
21ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 container.html Show response
e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 3DD1 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:51 GMT
expires: Sun, 25 Feb 2024 00:10:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame AF5D 2 KB
1 KB 19ms
19ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 4DAE 2 KB
1 KB 18ms
18ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame E16B 2 KB
1 KB 19ms
18ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 8B63 2 KB
1 KB 19ms
18ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 obPixelFrame.js Show response
widgets.outbrain.com/nanoWidget/externals/obPixelFrame/ Frame 7E84 2 KB
1 KB 19ms
18ms Script
application/x-javascript 2.18.37.67
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.js
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.37.67 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-37-67.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
content-length: 778
last-modified: Wed, 22 Feb 2023 11:49:11 GMT
server: AkamaiNetStorage
etag: "489a639403b1828b9cead4841aae6252:1677068933.321599"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012302031721000/ Frame 1D86 222 KB
61 KB 204ms
47ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 236900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61811
x-xss-protection: 0
server: sffe
etag: "c31ac511828178f4"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 1D86 15 KB
5 KB 287ms
131ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 236900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5233
x-xss-protection: 0
server: sffe
etag: "031ab09f7d5e6c1f"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 1D86 94 KB
28 KB 293ms
138ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 236900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28880
x-xss-protection: 0
server: sffe
etag: "1d865d9ba0a59851"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 1D86 5 KB
2 KB 310ms
155ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 236900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1916
x-xss-protection: 0
server: sffe
etag: "2b4961eb83980a40"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012302031721000/v0/ Frame 1D86 40 KB
13 KB 312ms
157ms Script
text/javascript 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012302031721000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Wed, 22 Feb 2023 06:22:32 GMT
age: 236900
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12955
x-xss-protection: 0
server: sffe
etag: "06b4b5a97f01e05a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Thu, 22 Feb 2024 06:22:32 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1D86 8 KB
1 KB 195ms
74ms Stylesheet
text/css 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 22:34:02 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 25 Feb 2023 00:10:52 GMT

GET
H3 200 container.html Show response
e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2E87 6 KB
3 KB 36ms
35ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:51 GMT
expires: Sun, 25 Feb 2024 00:10:51 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en_bl.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1D86 2 KB
3 KB 117ms
37ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en_bl.png

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:10:45 GMT
x-content-type-options: nosniff
server: cafe
age: 18007
etag: 11660698925711390587
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2471
x-xss-protection: 0
expires: Sat, 25 Feb 2023 19:10:45 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 1D86 295 B
664 B 116ms
36ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:24:54 GMT
x-content-type-options: nosniff
server: cafe
age: 13558
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Sat, 25 Feb 2023 20:24:54 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1D86 0
0 81ms
81ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRFR-C1L5Y4DcLvW8x_AP6YCggAaWwtyUb6j327f4EM_8joLbDxABIOaUhRhgleKQgqAHoAH74qbMA8gBAakCmvuBWOKwsT7gAgCoAwHIAwqqBKUCT9CBM92nTJj9XuhSB-n1-YK2fhgkbPkZy7OFCEsE5flXfjhsqJ0I2VeEdSJDzwfmiUdbimh_CJV3-0CA26buFwd8b_K754ukl35jvVNZQygSvpZ1qr-VB97Ep6mvHRi138J1054hL3KiMpynqvBdCH1WWAHPSdtvsMOXYJXblsLRg5l5o9aEaB1dUvsab7W3hgRznwusLLm_d-0Jfk0RFGCaKxSH89Niu_oocijvb42p3ZvxvhJZp8F14KBVxlfkGi5ln2xzgxHf66fcEDzC9uvJxZifsNHx5QX9pUAWtjbVsVUjaB5fEqb0NyIcpiWsq3xi9PSw4NJQJXbkLagDWF-MkOxW6ksPuCcu8EXp4vCTgCyTkKftBJuvFpRgcII0AoNhfGfABPXagaWfBOAEAZIFBAgEGAGSBQQIBRgEgAftnNkzqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwMQ8C7SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTDYgUAdAVAZgWAYAXAbIXHgocCAASFHB1Yi04NDE0NjI3MjgwMDU0NTkzGK2LEQ&sigh=R9C0eeqUTrY&uach_m=[UACH]&cid=CAQSSwDUE5ymHGFfdtcRQDHqOU8Sw2HOT6kkDLrXCUZ4FiIDAJScJT7q4f-V8DWM_llqfVYOharaOkfWga3cyCwGp0-TMJy9TDSOnnCu1BgB
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 1D86 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 551bdee11724bb4e609f7354a77f8c98cfe7f238fa886885e8489e0929c1d858

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 3DD1 78 KB
19 KB 8ms
8ms Script
application/javascript 2600:9000:223e:c000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e7364364960ab41fb0bdb8365708009e215221bdd4976952a30e9460cebcbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: OkSKuOi_M1KeQLKx0csIv8JFbutYIrO3
content-encoding: br
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 23:54:42 GMT
last-modified: Thu, 03 Nov 2022 13:16:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 1057
etag: W/"7a14d816c6b9923b84f9184b6f85eef6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, public
x-amz-cf-id: xS11RnCedIkNhIP4RXbCM0Zt83cLLoM1BN-B88FAjdfaOBcAaseG4g==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 3DD1 0
0 77ms
76ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CUhe3C1L5Y8_FLYb3gQf236T4BZ6hoa5cofno_p8DwI23ARABIABgleKQgqAHggEXY2EtcHViLTg0MTQ2MjcyODAwNTQ1OTPIAQngAgCoAwGqBLcCT9CB4N7eeEggc317_hIbv6cQJyI64jO9kxC6EL0fZWsSSx2pSmO9_R1F_l8djAXOZPxveL9wLKcURKhdJTkn0S0zS5SqAJE_np5FO6XfX1pdmm4BpGLR_v8Jx9fMXKT-UloUsnGHCGEcGepl_HktyeCav0zgL_JS75pGYuVmOdkpImfR2-9PV51VJbjuhIjjJLCnL1D_y0Zq0IyeTVVj_4xpqm1kd2zr3m-_tcB9QoJTm6CaTTuR47APAePzgtStCDzmCvhDZzcW2RsReJA0Jx6batTTx0mGGIc5n9pvJenKTLgM8M9RBt4GbWqYBTFjKZRdmDy5CdTgr0aM3501LncNuVldmH-Pw6qTC1H_bq9LgwGN52wbo0dWYdOcGDNljs_5eifANGWnMJwj6ILTkbeFOI3kaaTgBAGABrH0k_Swtv7EVaAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBAIiOGAEBABMgOqggE6AoBAgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTg0MTQ2MjcyODAwNTQ1OTMYrYsR&sigh=F6MROr6IXJ4&uach_m=[UACH]&cid=CAQSPwDUE5ymjNSz9rZZ1EQOTaxDGY34F_GaaAl8dgYTXtXlo5wQT95eUoPidbFWR5kN0ij_6Qwg5Xfy43ZeqlcM3hgB
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 adfetch Show response
googleads.g.doubleclick.net/pagead/ Frame 85D3 82 KB
32 KB 184ms
85ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b274e07d334d692f072133062d8fb1359c689c99e8a1e7f2d543bf6f48a1bb33

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 32976
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 xbfe_backfill.js Show response
googleads.g.doubleclick.net/pagead/ Frame 3DD1 7 KB
3 KB 138ms
38ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/xbfe_backfill.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 23:54:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 956
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3003
x-xss-protection: 0
server: cafe
etag: 2660866305706646737
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Feb 2023 00:54:56 GMT

GET
H/1.1 200
OK v1
a5086.casalemedia.com/impression/ Frame 3DD1 43 B
303 B 83ms
15ms Image
image/gif 185.170.62.108
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a5086.casalemedia.com/impression/v1?bidID=14c6c331-0a7f-488c-9c3f-31fc67390c7d&traceID=cfsl42vu0rnrrp0tuo6g&dspID=85&userID=&cmpro=0&deviceType=2&expiryTime=1677284451&ap=Y_lSCwALYs8K4HuGAAkv9pHWRN0R2MF5pBuU9g&siteID=195620&creativeID=c8e75c&pubID=184986&format=banner&channel=site
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.170.62.108 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:52 GMT
Server: Apache
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 43
Expires: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3DD1 0
349 B 166ms
72ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=awbid&awbid_b=AKAmf-B1jxyIBWqEAhPhHV-f8xfNIfq4VdnR-9E9i6dDtzYrbKjiRiKrUY5UyoQ4J5ipbHMA2uYJAkg-VmlN1u01z0z_MpEUmw&pr=13:Y_lSCwAAAAAPhPWcSEJyW64v6s1cIlwQOYoX7A

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 3DD1 3 KB
1 KB 57ms
54ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:58:26 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 3DD1 20 KB
8 KB 38ms
36ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3DD1 0
0 46ms
43ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTgwUEQ3AZukgGb37aQocqXxkRptQc7FXdSjQZvC3EdiR_yM6KqsBjw0Z6mu65EkQoY2mH_BVg96ynKKRn2jGLo9o0MPQ
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 3DD1 24 KB
7 KB 43ms
40ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 00:05:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 173109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 23 Feb 2024 00:05:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3DD1 158 KB
49 KB 47ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 00:10:52 GMT

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame F02E 43 B
243 B 473ms
91ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0LsIT9P6qD3FNb5R40Pq288Nw8N6N8SVJDrPyhzkA077fWei2DBgd4aGkJNJD3O7s80I3iBh_65SkYh96j5sP6kY8RT_VAavDl7Gf8Ih-f45wJ7wgHGrg--98DholQNiMYwA7FDQ_tbHDh7XgiQn1MpyvRSYYgQUX8eaY0xNCkFFzk8fYDupba-pJikuJ25jciKzA5_8ea7EufN-vCrdhQD11gsJsQX88ahanle_r1Yir-D1FCGKSuGh3OZDozXSPhjPZCf2UY3MiWGBseQYQQEu4fNnBXG8nb9WJx1Ve8GT_w159sGobYkzkks8SxAvW8J9K0iHdh1xYgGyDk-6nmD52Ajgn_WNhyN38GKWvCeG8Tj_C1rOoxpIGEK3G8KBTW83GxWJD-iwKYZ6nQXLTkCOrvo6NfZtZfBdXF_L5W0XWiec4MV5d6bvh1AFKAwJlq3BlEjISoHwsDpMNUOYaDOiei87lZitpp2QJog9N4NHI3V7aIaauagPqmCa1H32yGGxYyK0lzm__7MI8cQE_wb2v_d6fSKGxC2CX2s55PEBHhiPT14aWMlrVxn_QXKCSfhUzSmAnSp12UAupTU6rQFbrVXVpx18nvauFiTYhmcliwd4tyBv485S0tD7i1rtSBAxh1pg4mActyQVnp86GEwzjEaOQQp3c213xnnLgWkFu8_Lw3citLhV4GvbkcV_JbLs-VGmAEQjk6ZxwsxvqWLJsLw7-xRrN_F1BuZ9v0p8oUQaJvDNmlK3wl05RYO3YKCoBEZTXLdyjEJVbn86p0k3zW1SvtGW8S0Slf0eI1A52PDZEagJrRBphkxiDOzqdDvxr1VmUSMvJNLJadoCZJqxql6PMeHUA3Z_uai5dTkTcDL5F3jVLT9vBOHFevPg1eEsKRQaVPkgnzjh7MBbnXMb4bHUXc0WKWWsHdhTFYU5sN9i-FH_IYvlX6S7eOZj8e4a7doAcKuL2oS6hGzjyvX7DKyZYAi--_NL1z7YJPwP0mfTU7_E_t9W_vSkvuUF6pZ9z4adc5a6YjNLzCdKUK-sq4rYodeHhkuMmVN48Gluf-3A_swY30v-Vu_biJZjURnDLdMfg8bcgQkyenDaIsnSfQdjJNV5l-NQeeLksAIeq2qcb1Qw-tKP9_zL21UYr3PXsVxseN1dW-HWX_qf53WVoKDeWbQGZ58Z6A7k-VvKi2JnGFdWTQyiwETzbcWj1UUF38-I6GZyIhwZdnTEB1SeL2zu1-imv0WYECWgNW1gOfGLboA3-qk7zpYHgRCP3CLQEQacizPt8j15l273jQN1JFizaBpcoNJ9yq64OeKPNcunvvqX6abRBk2ua2isDj9zOmYPQ9gczM5IvggoKQezDTdOsS7Fa52-Popmi20W2sxpHcWNwoIZiZmWslgD3y_vI3zIfF5BfCbeGihzX9-yGL4U9ayF4yPeU9JFp8XhQqK-yO5abUlA1UeLKAbNUVOLPMKoMuRF-KtrhieZCYIauc4aFws6hENOkaoYe73bQCDn971DK9_PQ-LFGhRhod3itCC0Cco0_14DPJnwWrMTw&c=d7039818&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: a2d79b3107666ef68cf7afaaf52bad72
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd001e7d-b4a0-11ed-86f6-466823baac8c/0.070713/X6GV2Y5IEIP2QX2U443CXXVPMM4PUU7JZZD2OC5W7JUM2ZG43T5CAPQXM44EC64INH5JNUIGVHDVL2RADJHFUBY45XS6HVMMYACNO2RKITD... Frame 2BC4 26 B
127 B 470ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd001e7d-b4a0-11ed-86f6-466823baac8c/0.070713/X6GV2Y5IEIP2QX2U443CXXVPMM4PUU7JZZD2OC5W7JUM2ZG43T5CAPQXM44EC64INH5JNUIGVHDVL2RADJHFUBY45XS6HVMMYACNO2RKITD76YUKY5U3IBSRXTNZDEIR2HPIDKQGOUHP3JQZ7QRI5AZVLBSC2FP2R4M53REFBYOHMZGQDWENLA5YSMFKXGXVH5FYKGRSKFHQFP7TE2YGBCAQNUV7UDVTWXBZ2MWYGDL6VUPNCGNQJP3MKBSNNQHMFDOIMPFTVTVUFI4BQDY5C5FTWCBBKQTUZLPMIYKR3YL6EF55BQNVBI3ZXBZIJIZUF3DGHLUNOSKHLJZODADQU7CW3HKMQINAX3QIN2SF4X6442D3KXVHFIKBYRXNUHYDDFTKVBDEGZ3DOWPOSRDLFWT4PKBEZMXY5EFXRFXDG2M25SSOZSRZ5R4LWKW7HUHP75VY3CHBIPZE2XL6CWFLX7AAONRXXXM63DN3ODEFX7RDJPADFPVZPZ4ETU75RTVRQGIBXCH7RK7OF5PUPQX4KWYHXU7UQSQ2HNPN5TQ/?wpos=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWT3ZIOFGZUYZCR7PBGNF4LJTHB4TD4YVOG7PUF7TVOJJQJJP3VWN4EAPYD5J2ASRA5MT6I3BLXHOX4DWTTFKVQIGWVBUISCB7OFYYBJCTSR3X5K3YNLBJGGPNJBZD7ZMR42RAO26ZXYVUHABG4... Frame F8E0 26 B
127 B 467ms
96ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWT3ZIOFGZUYZCR7PBGNF4LJTHB4TD4YVOG7PUF7TVOJJQJJP3VWN4EAPYD5J2ASRA5MT6I3BLXHOX4DWTTFKVQIGWVBUISCB7OFYYBJCTSR3X5K3YNLBJGGPNJBZD7ZMR42RAO26ZXYVUHABG4BG6HI6DB6AXD7O7GM3UVUTLAPGH2LLAAP7SC2ES5PROOE5ZA7YXITBJYEMCAU72OFRFUW6NEBWISN2URVAXRDDLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GREJN6SCALOLYMJJQ3R4W2NMRVB3T5S6TR5CC5EQOPA5N6FH6V5DQAUESM2U6ROQDTS73LRDTWPBM7A/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame B38F 43 B
243 B 470ms
91ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0LsIT9P6qD3FNb5R40Pq288Nw8N6N8SVJDrPyhzkA077fWei2DBgd4aGkJNJD3O7s80I3iBh_65SkYh96j5sP6kY8RT_VAavDl7Gf8Ih-f45wJ7wgHGrg--98DholQNiMYwFw514MSvlmP3LC-Cszp1NB0Ek042PN4oFQz27pbc412w-flzI1Y_EkJRs2bmMV727LeSZaQOqOZoB8NuChP1tzNKurSu_ZuemfryCdFPrz3El3lcHHPzk_InkFTFsJYSAsQ6Xl5TD8vHAcNlmBpxu7WpNJPkQ1jiEZfQ2Da9BF-zvOWC3DGtaeLj54gWXFFaqUrSAdPfGz3YhrJVO6bRwPm9Tqll8plckcjQvCeIO_PAsfHlP2z2KmtxhaVaUQHvtRtlGapbzrlnUYos8IGcinYiRFSRMNLNRwHR5a8Yyi3qZzjvXQvkGhnAX7d2LKAf67_tuU-Yn5wwzaoMYuDg4y61iXOZB3n_kQh0FOcd5K9M-r0uWMNaP96TQ6bvgCJqOrK8EDXo-6DZqyKbMwnZaARmAs-XLjdm7IJQBbPREtCjZ9noin70U1pJSMcfhMbYOYnTkz-T17wu-qE2c_2bv9xXs91N0OOLLBDLHrCxbm9DRxSCnoUlleHC8wMIAp5zEtQOW_zANgaR23LYRdoDZb_HMenKzVDP-tovChxZ7iyDIMTp2UH8hAgeRVg4MUAYFkE4BMnyfEjmc2-CA4QkboGhI3hFNTjdpoqZ5S1v3nNanYKKyHphphNaqIWlx7BCnpUrjmSFMaGvA6_0xdsEQmRe_WS4gJ2iWt6legfBoOE3F8aMXGRduh2aeNThwx2mGf9GlQ2e5lzzic1shULDtKZ8l7uu77EoU2bpbTyt_35Q1VjftnqJydHwd8exWgm1lJJKS0vxEwS6EgR18-y1BUOshFfvkSid5IMOWOL6q03E2yDXClviv3YVRpAe83TP5zkrEnUv_UY3coM2b-38vZSlMgnNGqsMNhmVBasxVM0BW5cQBGvRKWbr8PqviJHn3Y_GTrntA8R_KeyneDyTfkT7I1YQtwaladv7u7w0KJ7BeZdziUZxzy1YuJsg6QDSnkBZ9RUIy_Wk55xQL2Y7u5UftBnJ8XGTJmFe4j2QIhxm879bgywV6svZM2ZUY2JZX3MG-PdvNfi_iAxyuRB3lAQVMYZJKR517QoQhOIbd7-DzsFG_bTk0Bsj3D0dtRyUmChpNQh8cuRhMk9u8eyySFLYmfokpBLDkhDwvOcp5AzubfCxQi7GA1UhNIIAhZ-myUWuiUxG31ApKBF5ZkaReCiVruLgToomOhLsSIWgTJ1Ab8iZ-dabI-OPk-RUUwRaUVdMyMj13jJ8Dweywfg_uqa_k_Vye6pI_-2b-MF10G2W5Vy1JxuvT1Gq_MNrEKdXE6gUBu4PvvbUn4Ff7WcakFLcazynDyVyxVN5bb_hxFImDAOUHRQXUUWUtup0AuXjwVtBMMUnSo_0DT7yiqTIqQJRo3I8WvLI-h5Po_Ajx7osLyQNb_Mz4DH6yKpeXf6ntFRp60OUbYFRZTd14EWI5TD10gtdJ_N3YOas8YLxjg4&c=f95b4096&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5f30f440221ae6670722a5774d2a86d7
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd001e7d-b4a0-11ed-86f6-0999d5b4288c/0.039076/X6GV2Y5IEIP2QX2U443CXXVPMM4PUU7JZZD2OC5W7JUM2ZG43T5FDN6TRKXPA636MBCRRDAK4VSSJWJQCAUTHLII52WSGWONN7ZTPFCJZWS... Frame EE9A 26 B
127 B 468ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd001e7d-b4a0-11ed-86f6-0999d5b4288c/0.039076/X6GV2Y5IEIP2QX2U443CXXVPMM4PUU7JZZD2OC5W7JUM2ZG43T5FDN6TRKXPA636MBCRRDAK4VSSJWJQCAUTHLII52WSGWONN7ZTPFCJZWSVSPTJGMFXEGVT2S2LDFUD6XULVK35Z3V7O4RDS5KC4XCZRZSC2FP2R4M53REFBYOHMZGQDWENLA5YSMFKXGXVH5FYKGRSKFHQFP7TE2YGBCAQNUV7UDVTWXBZ2MWYGDL6VUPNCGNQJP3MKBSNNQHMFDOIMPFTVTVUFI4BQDY5C5FTWCBBKQTUZLPMIYKR3YL6EF55BQNVBI3ZXBZIJIZUF3DGHLUNOSKHLJZODADQU7CW3HKMQINAX3QIN2SF4X6442D3KXVHFIKBYRXNUHYDDFTKVBDEGZ3DOWPOSRDLFWT4PKBEZMXY5EFXRFXDG2M25SSOZSRZ5R4LWKW7HUHP75VY3CHBIPZE2XL6CWFLX7AAONRXXXM63DN3ODEFX7RDJPADFPVZPZ4ETU75RTVRQGIBXCH7RK7OF5PUPQX4KWYHXWNKTQQKKBMYWQI/?wpos=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWT3ZIOFGZUYZCR7PBGNF4LJTHB4TD4YVOG7PUF7TVOJJQJJP3VWN4EAPYD5J2ASRA5MT6I3BLXHOX4DWTTFKVQIGWVBUISCB7OFYYBJENVYWTRVT743SXBG2CL54HFRW542RAO26ZXYVUHABG4... Frame F4D0 26 B
127 B 465ms
95ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWT3ZIOFGZUYZCR7PBGNF4LJTHB4TD4YVOG7PUF7TVOJJQJJP3VWN4EAPYD5J2ASRA5MT6I3BLXHOX4DWTTFKVQIGWVBUISCB7OFYYBJENVYWTRVT743SXBG2CL54HFRW542RAO26ZXYVUHABG4BG6HI6DB43ONW26X6YTJYFAAHXSOKIEDFVY3G4HY2HVURL6N2FLLK2QMMTSYXI3XWQ6MPA7LMGFIHFLXRQ3GM6ERBWU47MOG2LCBWKWVU3OTLH65I7O2V5CQ4DTW3MUZP5S36XRSZA4BX5IMDLQ7QY6CDBZMMKDHX7UAWAMPDTT6HMFRCSAKKM6EKIH7B3RK22VYWLP5A/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 200 6d6d25e3-5be4-444b-82ae-a8f0bb892234.js Show response
d3plfjw9uod7ab.cloudfront.net/ad/ Frame 2E87 78 KB
19 KB 8ms
7ms Script
application/javascript 2600:9000:223e:c000:13:a391:88c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:c000:13:a391:88c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9e7364364960ab41fb0bdb8365708009e215221bdd4976952a30e9460cebcbdb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

x-amz-version-id: OkSKuOi_M1KeQLKx0csIv8JFbutYIrO3
content-encoding: br
via: 1.1 eeb2f3ca588ea4437f4b97ed276a6664.cloudfront.net (CloudFront)
date: Fri, 24 Feb 2023 23:54:42 GMT
last-modified: Thu, 03 Nov 2022 13:16:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P4
age: 1057
etag: W/"7a14d816c6b9923b84f9184b6f85eef6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=7200, public
x-amz-cf-id: mIF9oJoKRHaVyWwy5GIxwseYxTuo0tsmR7aj6zJZE8oHmRw1PU201Q==

GET
H2 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 142 KB
23 KB 37ms
37ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486

Requested by

Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d4551ad5c43c84a384cbb912a6366163d14e8eab63120c1b288e5143b134660

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 466
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=0
content-encoding: gzip
content-length: 21595
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:03:06 GMT
expires: Sat, 25 Feb 2023 00:03:06 GMT
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2E87 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CfhVWC1L5Y4HcLvW8x_AP6YCggAbTzNXabaaj2JumELuWnO-PDhABIOaUhRhgleKQgqAHoAGl4IzcA8gBCakCmvuBWOKwsT7gAgCoAwHIA0iqBKsCT9CSF2cafyiEKCD1g7F5ocDsPzEentZhfNtCN_EFtoMLiq7fFvtR1CBjn1oarDm-YQNU0BXX18BUw4g5iYVKkTj6I3sTl0JYkWUy9HKAusnKiGUNJrkpb7-0aPpEHw7gWUXkbkd9pBohcX19gMvgnSaxzX7Ylrv7squ4LDw2u0NrygrRZsIQ1L3c7YmXlepdObfganPbfsSwBvxLMzcG-EyIblIQCHJjohvRW9bC1bkgQP_RUrZwkjSPa6LK9RcewrlbM0zdbYKuNVp_OjiUZ2xXGpcFAgjz_hRdIDVsisGJvmjXF-3uTe_ZiDFuCeMvc-y6SbSXbp2N5Ij_W7R21npjbAzS3MNB8kiuXaKh3xcStHC_DOVWRaXsipF2Q82O7rnVDUEkY_h6EPvABJDAhu2gBOAEAZIFBAgEGAGSBQQIBRgEoAYugAezkasoqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwMQ8C7SCBEIgOGAEBABGB0yAqoCOgKAQIAKA8gLAdgTAtAVAYAXAbIXHgocCAASFHB1Yi04NDE0NjI3MjgwMDU0NTkzGK2LEQ&sigh=bGD3WstycKY&uach_m=[UACH]&cid=CAQSSwDUE5ymHGFfdtcRQDHqOU8Sw2HOT6kkDLrXCUZ4FiIDAJScJT7q4f-V8DWM_llqfVYOharaOkfWga3cyCwGp0-TMJy9TDSOnnCu1BgB&template_id=419
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 2E87 22 KB
9 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite_fy2021.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8814
x-xss-protection: 0
server: cafe
etag: 11378319237421819138
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 9329 43 B
243 B 440ms
92ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0LsMytzcpxWinNJbu_xJfUHbc-Tnw1tQoz8WDp_LCvnH08R1ie56wRMEJAUXwLThByguATzsgGPmG63VW10fAvo_Co7QZfYdVdYgL25KNm3O5RQYwtiHEMzNLGamxavvnKe1E3ebF5LQbYmuWM4k_ceCBYM0Zni6FmhAAYDotTg8Acd3cGxp2d63lS9eef7_5XxTt7Ka-WDRee6vR86u4X65Xaas9BTKOF3TOQkM_Ndpv6nvW2grAbU6mwjVujemJ7rjCjvum3zmJ6ETTLfFy9-eBnG9QzHgGaCUiulV1uTQIYlmCs-ygMl0sqTruEX30mbNp-TWpi6eyY020WOqeERLyVJuSB2m4eifNbMV5VuAHnw7G7ZO9SOSlVyvbzwvlaEefnGcLHVgwuebab5je_o8SZUpGE8NJJp2JXCTKIjrHTrnrpch9tQN4WEQ9RwkK4bUwxqIAu2ABbGT3ZIVfEgAdkw2CDYcnL9zFmSwGH9p-pDs1YaRcTX3fZQ6Lppfd4o83B5via-4W4N7qBO6o79Ag3X5PZFkQgAv-AIRb6RxFkM3NsPcFBREJEfNVMvZx7Q8LX9kDMD1LfTwlHbq0D4E1vJDdrYZ73CHxKbyM5-EUK9J6fimv4fI2tc6qVFy1tdzP_yUzCUsHIU4-SW6G8cXMeo5VmRRnN3w6hRvIA6aD1QCpJ5ByMIEjwOwOJeyjO9F3yaFz7WKQ76kNfCdZpYZT1UlWEH6heLSoXfrZ2JdwN2Px2c_uNXUOIkEDGqLjPXfjFED5P2GaSG1MTEWKwKN06YY2iVBidrO1jhqr5F8Ktpy0QtvXwagEE2jmL041v-uQm6aD-p43qazNnNjZy39BRF6H9UJBfzywg6DHuAFW5lXcr7D1HmGa7S9QmRUhF9e1V_tWfDkk3BOCY_H7fXFzg8-VdGnuR_a3YR_bAqUcbIMtqIPM-fkX4KTMsap_ZoqOiewnh0n2fddJ6vlAf4HVPRwIdOf2toXBUBTs2xFZSe7PMiL02mW7CeJ1OCiNyLOrehdx6FSJaI4xN-eWPedRzVcAaj_wMR7UBbBituXegoV3KLRv3qRC9W55_iC0GtR47p5fRDhHB-_yBeOnWiDO_ayA-Tq0GzRWVy_pWJZGjyLC_eenX2-mJvGnmbFGIAzoVJBtydDU1nDiluYZbQQiipAKvVruFeqiqno0RMhUk28AbxpV-vm40qgCRfb-xAewvflkNkvoGXU7c2xRWVhzrF7jY2OjZkd_yUfx19Ckb_CgFZhp0UlNEufYVFauagx6GXZGC9qEYSG8ni3z0Yzbd_xeBoAnoKgXUef7wBnw2xYeDHnjds0uyt944GQW3gpLLSokUUxzZOCcWlMtuaZM3-LucJPSGiookTotGR2VKJL0-lIP0Sre8ypZARo3TS51PRVQ1606tae_nu8uHqt3xnUXNhRpgmXp9tMzvrymdtalxluEMw5h6-bPM1YYOY1TTG2FqFcKRA7UWzFL4nHraJiMz8PHuhLNarWP5OmvxhsOfST_aPHAMLBEUEnl49Ao0gyVwnnA1Xh_jo9soO9CdmMHMLc_ag18S7bCuwf1M&c=9d629269&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 4e41ede6977532eae901961add4a35cf
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-940c80b4f162/0.012462/PDYU3WV5P7U6UXGI47V4IEAOYVID7P5ZTFLVRE5W7JUM2ZG43T5LFTXNBJS3MY5KZHSSGQNCRIQOPK3ENSHJYEYFQWM335GGHYY25LFQVQ7... Frame E0B6 26 B
127 B 436ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-940c80b4f162/0.012462/PDYU3WV5P7U6UXGI47V4IEAOYVID7P5ZTFLVRE5W7JUM2ZG43T5LFTXNBJS3MY5KZHSSGQNCRIQOPK3ENSHJYEYFQWM335GGHYY25LFQVQ7U7ORXTZRCSI4J56JPXAU47DBIEOXARCHOT673FUXCSZTK6BPYQ54WMXEVUO3ONVFLVI6W2TUTMGST76KSGXZ7PIRZCX24RPEVOFOESLHS7XT3MZTUPT4ZVD5HGYK7BPQ7LTWFXWJF4X2L4MOXDPYREX4H2SQN7P3WNPLAXDJQDHNV5CQD6GDEBFVG2CQTBF7UNW6ML5GSIZKD4CX7QFWTLQXK5V6XLCGHFKC675LMGSDFOFWWVO2SJW7FJEYWMXDNTOTWBYUUGEAEQUMJCQQKV7L64ZN2D2YHNYHKYG2VANHKW6CIMOKTQLMFPUVGJFW37PYN7H5U6GSVVSSNMWE2DFML6QOW4V5KY5Y2UAWYPKF3XEE6RAPNAMRIA5O7T2DL36ZUCLFCT5YPEKGPJUIWXWDYU2TXEL65MJJJ2E7IBUZBTKDCPGSAMMSNOGQ/?wpos=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 40CE 43 B
243 B 439ms
93ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0LsMytzcpxWinNJbu_xJfUHbc-Tnw1tQoz8WDp_LCvnH08R1ie56wRMEJAUXwLThByguATzsgGPmG63VW10fAvo_Co7QZfYdVdYgL25KNm3O5RQYwtiHEMzNLGamxavvnKek-OFCMXBujvAqjceyJ6Gcc-zkNQFMIv6IiahI1CbRQHIZiPlmoSsFq1fADHZ1EAZv7pQ3xZBWpdIH-xQMvQweEQ_Bzx_LNzrYOd-ZABTkVUWR7KBWUP9fS3S8yPcJXOtnu3xmMTC8-zsZ1pMRtnn1pcGTNb6chedRcahDzyCB9HScTdaYkeyuoBOO5csRzhjYDPYvNuq3QsmtrLDLcLw6216DzCA2sQHktMSam3lD-AvT9RiEnp66WOv4atu6RtIaK0Q4_tDYE6ra9PiLWB_dnXPlbGUbecQirmhxnd7VrJdke26zdtYvuNylsdnTqYIP2douycDYbPk2hUVmH6TNnKBtXDgLKAKiNIsjXWN8Ps38Yi7sOrUcp5oj_D1I2QrWQkrzAfXzJlJSq1cAf_8BbdkZS5tQc8FLHxH32m1i1gllsZ-mZndCvfSZTNnW2sz7wKearCOFFYLWKah3x1FBpuSam7NOFa-RjHfEp_BEzbRr5oAOPce4NUu8urCjiqcCdH-KRGFihsz7HbCMB6b5U0jPYmZYRU5nBhNpPCKVhjaRoy52j3KE2lh3TtYqd6sPE9c1qOO9wfXF8Gb9LSwzcx6I0AOOcwyoZqmg7g7p4BMKtPUGhA4MRgf7JnU8SGnVo9NGM8pUGUbVjXVExU_rtPv-un65KPd8MQS1paBe3Vn0GwggMHS28x90Whca_cz6XTrVXuWD8oFlDrohx8p4Bfg1YNA1q8zndM3pC2ZSspJRfKR8uTJEies5UKcVGKJ2Jhflzxo3U9APcfwoQf-Npp9TYIwEEZeGdg_qtbf453YUFEXHuncVAl-qzI4sul41ZKU4iQBRJ2yVOeQ7XLxZcPO7Zde0X5tRr-sBRlLqmWdI1-oYCiSAc6XUIYvFuiiZH90fDUfZg1n7Mh-GyrGJQTV01pL6g8Rp8cuB1c74By573R8lvDNBbhdtvFvVyXbUmlPKYUSDRJlJHU5E_cu2y8c-YHpawyFpg7j4-_pI6xh4ZIT7CExga2JIxbMitRRbSO2LdItdJlGWRZ0JMphr9ckZ7x3zkV3o6xQ0xkaaEFR99GGcVbiaeqHIIW0ItUuJekbnubhBbN_boKG5hierQdjb81RxWrwmQpBnPJhEEAzGH42335T4YmC0I2cawbT_g_6-Yh6TWssGfKhPlkqQocMpNBn6DB5c_irGy0Y_90qLFcz9jzEcq-SWnYvmSA8ZvC1NlRCZkc2rYZqgcApydsC4TEQws__iuB2iHtoS5gIdBi1tNctSTc7kA8nasYJfCr7XgmCNyDOaLTWdrMv6S5VEvjrNPI02ME7b9UBcFO3WLp2YXLYIxXen1rxRU-6AHmGFGY_ICq9dcMc4zaBONCfb6ZNsilGGq6b-yJKB2yDfztVYFnWCatzkNhDBgnl8YjcHKuL7tIJKET5I2Ia-g&c=a90f9720&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 3da81c574bf6f46c807d041d48c04c31
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWPW5FHQTDFTIKKNHNUYOULQOTBN42RAO26ZXYVUHABG4... Frame D02C 26 B
127 B 433ms
96ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWPW5FHQTDFTIKKNHNUYOULQOTBN42RAO26ZXYVUHABG4BG6HI6DB5E7S5KK74TCI72SVGOO74KU6MQQAIGNKAMYH57B2WQFMNX65YRJICMSRNPXCBGQCZXTF7HICXJEUGTLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSMC5X72GPMJED4F7KAUARJ6KLY5GC6R5JVTNHUDRSIFG64HDXNFNXKUDPI7CMCMPBI/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWGGSP4V3XBHZ3ATJRYNX3VXSROF42RAO26ZXYVUHABG4... Frame 07D8 26 B
127 B 433ms
96ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWGGSP4V3XBHZ3ATJRYNX3VXSROF42RAO26ZXYVUHABG4BG6HI6DB7NEOD6M572P2BAIXXCBVD5I6CAYVAUOTTCXRW5CWM5UAFRLU65AULYLZGSULWGUZTTHJI6BOJIFBATLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSJ42ALQFL7ARDZLT5S6TR5CC5EQOPA5N6FH6V5DQAUESM2U6ROQDTS73LRDTWPBM7A/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-7dc1e73cab62/0.01209/PDYU3WV5P7U6UXGI47V4IEAOYVID7P5ZTFLVRE5W7JUM2ZG43T5A4W7GNSPNV6QJHDFJL7DHC2ZXEEOWLQQ6DEWVLZGGVSJI5B3DKF5RXCZU... Frame B011 26 B
127 B 431ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-7dc1e73cab62/0.01209/PDYU3WV5P7U6UXGI47V4IEAOYVID7P5ZTFLVRE5W7JUM2ZG43T5A4W7GNSPNV6QJHDFJL7DHC2ZXEEOWLQQ6DEWVLZGGVSJI5B3DKF5RXCZUBTIUK52HABC3DLFT632LFPZYIJQR27GMB673FUXCSZTK6BPYQ54WMXEVUO3ONVFLVI6W2TUTMGST76KSGXZ7PIRZCX24RPEVOFOESLHS7XT3MZTUPT4ZVD5HGYK7BPQ7LTWFXWJF4X2L4MOXDPYREX4H2SQN7P3WNPLAXDJQDHNV5CQD6GDEBFVG2CQTBF7UNW6ML5GSIZKD4CX7QFWTLQXK5V6XLCGHFKC675LMGSDFOFWWVO2SJW7FJEYWMXDNTOTWBYUUGEAEQUMJCQQKV7L64ZN2D2YHNYHKYG2VANHKW6CIMOKTQLMFPUVGJFW37PYN7H5U6GSVVSSNMWE2DFML6QOW4V5KY5Y2UAWYPKF3XEE6RAPNAMRIA5O7T2DL36ZUCLFCT5YPEKGPJUIWXWDYU2TXEL65NDQVQ5W32OSH7C5HBQU343ZRNFQ/?wpos=2
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 955D 43 B
243 B 438ms
93ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0Ls9tXGjRq3YRpaXXyF77FIT2DuI1CWfJCjSL7ADrDw711y0hE-wLXea6jMUBjXD99nllP1-LjCDj03LQKIXj51y61ajGRpYm52ZO41qQumhmQ9o-1Yf64qNr17L9OELNkqtmZFgKHHvmfuF3uiuCC0Mk7W8er9vzSywe6PuCb5yqAu2p7Mln38BTomkzoXBQhj7571SYEgJ0VNiBf8_rCnzSiKgI5fujVW1z_p9vfmDc_37wgPuXvRsNnTPBUIAneBymOH4hwPmTHFe4LGWoK3BZqV3qrAOLluZDWaO8491U1uCoWOaeyFHJI3m2KrihY8bHYkzDHiewXDXYbyra-yG690hT9jcIfjM3eEIEoyxWlaMT6lDazXFyaZdp9lWaZDBXBHU4GRaXgDYj1ze07eKobRZQea6-IYngP1i4UGHwaaZ1UCU1ro17BU61zl8woKgTuDrtkkwnjDNDcQ_kgSwzRubD_pSiAuKKu1PFIPcGSShldKG1mXEpuV4hf1RTqEn_rSkTVYwXFS8G1KQgPeX1KLKanDRxIeEJvk19XZ-kEpQBCrkHfbWRN-WAN192R9dzvQHfevyW_D5Mb6XqGDhR6_l3McdRHQ1wUMoJJVKswIfgGr5weezdm1ythxVDxb8y5gRToQWBl_rxQ8rCVnuzAKelpZP8K3xF5IBspt2MSC242kIFUOJBpMi73bVD-5m9qztTcTTxuq7aZ-Tx2STh7MRpy4fh5UXvEtuLKNtZ3iErb8CA-P1dDBuw-3LDWG24k8LOFIXkiIGqAgCncRqpa_E8x4vbp6YCS_tUB2aKj_9V3A5PBZtSsQO7Q1DHmyRKGdp3mCJOhuTgkpEt1c_6ZaKhtMl3LhsBYXIWOC1fRPhQZh_eYkfCq1BNoHkS6b1dk893ZUydD1ACJi1tE_It5NEV42BQ3FqO-epCEOtUosC4m1gzP_8YVtZWSkZGyL0EVWx5Ys-SSJeXufHjd8vmLcsoGWPP7Pc0mIUvWlyNlsu81ehJj5_rTWuJ6b9bSL4VPmHsBBB1eLgcaPKxHbwRL6PQM5JXYrCTs_hzk7ENUOFH3p1Yf8ZOqxdBrZxBcwmS6yIoQDuviD1DX5qQlDcBqffwFK5ynes2B2nOqQe3NiuKIwXg3hJNyHH8Z5QVNMUgHtEceEHTbIe8RA_06h3Zp0noTpn3S1eHIuGjszouigD8kZ_ywhUI0_JJPiypky9gEw4Nc6DCiJ_0C6b4gx-gLzDpNpc4iqEf_do8EmOT0FdTFrsid0IffLsEKjSjHAW1R51iDwfXqY5UtzPKgGscJVODkl_onjMc1BpA5N1C1FSSBZkOIAkBEY33efTHq4L5cZDVaXWNtKMiBTKYEoSs3CbriwNa5Jc5z9MVPaX4sAGGLi95wyanndJQdAbtAQIkgO3RLHNsrDtqrYaSTh-cFFdj-MgEvwGmjEaDaHUDxmfnGNcZ-a4JVrwkAu_uKVVEYp5OKr9ulAGH7CeTYyHFQYbAUhrZ999p_FTQen3EpgfkV9My2MdpPQjL045Iz2rKCIGUTqE4KAcO-0Jmcrng&c=92a51c3b&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 5d1ed2b5350266b5396b2688fccc14a1
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWPOVF35737FQOMHKLTXBT3WYHOH42RAO26ZXYVUHABG4... Frame AF5D 26 B
127 B 433ms
93ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVWKCXRZYZYAZJDV7PBGNF4LJTHBYSCD2XTBD5O6CVIAE7HXRUN2JMTCPPRCALARUWI6UO5Y3BVQLEQX7RFKOEMUJEPGH33BBUGU24MRWPOVF35737FQOMHKLTXBT3WYHOH42RAO26ZXYVUHABG4BG6HI6DB24HYNIKPZP5UYA4IXN7YROZ2LZ2VAJDBRELDM7SJXIFDQUY7T7XCVHHKINXDHZ4OV7352AEN4AO6S2BLENA7TZ7362KITGJPOFIDGMBIGABLGWVBWWSWCX6DGVBAMOCNA5GIWWJMEZB7UI6CDBZMMKDHX7UAWAMPDTT6HMFRCSAKKM6EKIH7B3RK22VYWLP5A/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK pixel
amplify-imp.outbrain.com/ Frame 4DAE 43 B
243 B 433ms
93ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://amplify-imp.outbrain.com/pixel?p=MW1qguY4qimC59ZgYvg-V9dESb3yg9HWikPjgkw0NYw7pSCEml0a_je9WwzaX0LsMytzcpxWinNJbu_xJfUHbc-Tnw1tQoz8WDp_LCvnH08R1ie56wRMEJAUXwLThByguATzsgGPmG63VW10fAvo_Co7QZfYdVdYgL25KNm3O5RQYwtiHEMzNLGamxavvnKeRzkTS9amgb7_tb2pYjo9D87q-jXE3BhoCnV-67_q7RUAPSuQwDygYr1pL_bvu190JItY5tQxMHEm73iVpoHt74A1MxddaalRjtInS1NYHSsBZi1wr7xJkRns0iVyUSdlrIL-H3mEF07zLCLCZwHq5AMW87EHYeJbbsj-JwLfAv4GyqBRbzhVqNF2RlLRCPRD0s4Aw06s6gcryMX1RxH--i7XjS3ENfkdsDVPliYdfw51nIw-y4usqP-qhXKRVUhJ4zfOV7JdXMalvqNjq-iA4MeW3TweIn-gHfQO2F8mZilmQjmQdF50_Lk9Vs8sfjpx1LWLPcAalG8csaGCz0MJOLk8gTTKqIDEYoGMGmkNjPrqJLUqqCdedyWS2loVE1yjnsJrX7PHfHeeO3d1CrOzcjgclMKAb_EXzZZ8Go8xa-QwmmV34B0sXaM4xyZwONg1yyPKzuf9r8UeLBH2QjzwEuZ6JdKcK28vE2KRBTnQq2rOU_eBbcnMFFYdfccefowlsoqG-aSRg96fOnUGdvuSvyqet5DFks143xxGzPMXRECNocIPGFTOGxe337XWPafUfg5i0ezsXpxI7RBqUvnd3d_qOtxYgTRqZ-pRNGIzV4nkZTjyGqNVVqk7roJEfu1YHSs4Yt-XFoNqjwtNi_4yI-VdMvkDPbOvVZc3Ay6gc23Jg1WWKQkiy_CQbDg17izS7byVKBTN-847Ss-BwD47PxzV_WoiFdlMg5sgVisEnZ70C3kOSti_BOHaN0vKuAbH5z4c8Ks28TOFzvR_oCdyihH6cFDgSZ9ohc4cRSq34M6MaYfvP9sKg4pDLjEwM5mjL4UZGq_wn8PfMn27bx8IqpyxPvcXdU4UnPwdTd051R-X_tmRBgEmDrSy5v7BqB3gtTLKhnWxoCcY375U2o6c5Cikvq3C5MmIbCjisD9F97sH3oEARM9kcu2-x0dy2mIl967yaU8ON7GHkWPIw-GYZ3rz8vJHcFzsT0JnECys30rTjfIcelZuz2AU9innqoLcYzIJdt4q4e6ZF5rg5FEYwhIEh6uaGOj_D-bSCLeYOoSTPD2phUKQnSLEWr6CD5PObM_5xTQGzGotqfVhAaWOZfzj-trJV6r2IgaLXPU_5x2b_88hMrB6pfKShDwytwr5SxrLlJeidHoF11mqyvbFSI4HOSFQUJr6ym3YcXqMTbS9vSFphCPgxg5Aj9PrH7HKPxa9CpohWqP-K71G5P2baRujvo4NywFsZ2Co9vyrMWj1dNo3m7dET0vfznSBHuTdOk-DLgHPiCzrNeeG97K0bg7iRcAmRYnaRZ69MeFodPbkCIPAjn4YGINDQZA6hxWtkqPW-NsxQbpFUWVmYHE0JZRd7Zk2e7eAWnGtlq15F8GlqGP2LXmc5sv97PkSbAx9x8NIK1QWmAAVuRMuQ78t2Q&c=2288fffa&v=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Cache-Control: no-cache
content-encoding: br
X-TraceId: 42b759dd56d1e81828a1e0b1dcab9199
Content-Length: 49
Content-Type: image/gif;

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-7c504877bc62/0.012067/3YZONRZA2IRXRJE4UTQQ63F2SJID7P5ZTFLVRE5W7JUM2ZG43T5A4W7GNSPNV6QJSDKSIFMY3Q47IOPOVKY4KRABYADRXMRKYD7GMSHRKTS... Frame E16B 26 B
127 B 429ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd1b2f27-b4a0-11ed-8adc-7c504877bc62/0.012067/3YZONRZA2IRXRJE4UTQQ63F2SJID7P5ZTFLVRE5W7JUM2ZG43T5A4W7GNSPNV6QJSDKSIFMY3Q47IOPOVKY4KRABYADRXMRKYD7GMSHRKTSMOI57AE7ISLHQNBFHRSTCG2ZBMKBYXFXFVJPZRDLSVGLNEKRMJUFVZDFIYAX36324ST2G2QVLNPYXZRT2VFSGSSBM3ECCU2LUGX4IA7SQLNAAISMCVLNBM36XA332VUPSNB4BPAIIWDSU5RNCZZ45IQQ6UAL65WQRFMTLZHUF5IIUDQGG444W65YRJ5CLDU2EGOUI3H422RAR5L24LHNCZNMTITJGGWXTJ3AG6FKXCTMV6VYAZNJITUHUZD64OQM6XLVBMYHSFHGKDO5SKR7HBRZMDY54PY7CGUCVQZCRW5FKXSPFWP4JW4BERWAITTAJMVN5MECZND47HYBRRL77D4XZ3R53JDZL44ZQL7VYMG3WMY27AWGZMJP4KUUEXBOWTZ2UDFA76KZDGOLLFHTEGOL52TSVNOXF25T6J27QVWNWLGILXSKRRWCXXGA/?wpos=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd33361f-b4a0-11ed-bd52-adbac9db5e9b/0.01/PDYU3WV5P7U6UXGI47V4IEAOYUGMJ3VZNVAAZV5W7JUM2ZG43T5JTWXK2JAKVCJU454N5LEUCZRK5ON6VRM7RSFTOCZO25TBNPBWJGNPIMGHLSA... Frame 8B63 26 B
127 B 430ms
94ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-nydc1.zemanta.com/bidder/win/outbrainrtb/dd33361f-b4a0-11ed-bd52-adbac9db5e9b/0.01/PDYU3WV5P7U6UXGI47V4IEAOYUGMJ3VZNVAAZV5W7JUM2ZG43T5JTWXK2JAKVCJU454N5LEUCZRK5ON6VRM7RSFTOCZO25TBNPBWJGNPIMGHLSAZ74SEUB4DPJQDUW4I6CFLU7UKQ7GI7673FUXCSZTK6BPYQ54WMXEVUO3ONVFLVI6W2TUTMGST76KSGXZ7S35BHE7SWC2MEFOESLHS7XT3MZTUPT4ZVD5HGYK7BPQ7LTWFXWJF4X2L4MOXDPYREX4H2SQN7P3WNPLAXDJQDHNV5CQD6GDEBFVG2CQTBF7UNW6ML5GSIZKD4CX7QFWTLQXK5V6XLCGHFKC675LMGSDFOFWWVO2SJW7FJEYWMXDNTOTWBYUUGEAEQUMJCQQKCH4TFMX2U4NZE643UU6MJWESZ6MTKX6LUVEU3XGGWP75566U5WKU6GSVVSSNMWE2DFML6QOW4V5KY5Y2UAWYPKF3XEE6RAPNAMRIA5O7T2DL36ZUCLFCT5YPEKGPJUIWXWDYU2TXEL65MP2KJTWY5AJ2JCNUMX274IK6SRY/?wpos=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H/1.1 200
OK /
b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVW56C3GHG5TW5H57PBGNF4LJTHB2SAJRA4CD6KVXUX36NWWGVWTJ4L223GOUJKCXULGG3CJ37H6FDDUC65SZWUH2YNR5KEPY4EYO6X6YPAZZZLZVVU6U75DZM2HDQI6XM342RAO26ZXYVUHABG4... Frame 7E84 26 B
127 B 430ms
95ms Image
image/gif 64.202.112.95
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-nydc1.zemanta.com/t/imp/impression/C6ZCJHAFPUAVW56C3GHG5TW5H57PBGNF4LJTHB2SAJRA4CD6KVXUX36NWWGVWTJ4L223GOUJKCXULGG3CJ37H6FDDUC65SZWUH2YNR5KEPY4EYO6X6YPAZZZLZVVU6U75DZM2HDQI6XM342RAO26ZXYVUHABG4BG6HI6DBYYMSULJ2SEHZJXFSJ2D5WPHCX5YVAUOTTCXRW5CDOTSTRYSOGKWILYLZGSULWGUZT7HOY6MYCQAPJDLY2D2SJ7FZM5UFMBE77BPBORYRLHBKG5G3G6GROTA2JX5M7FUSIP2JIC2E56YODLT5S6TR5CC5EQOPA5N6FH6V5DQAUESM2U6ROQDTS73LRDTWPBM7A/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/externals/obPixelFrame/obPixelFrame.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.95 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widgets.outbrain.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Sat, 25 Feb 2023 00:10:52 GMT
Content-Length: 26
Content-Type: image/gif

GET
H2 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 3DD1 0
311 B 141ms
128ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=223446
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FivnhsxT010mvbFbZl7nVyhAw2n2YI4VkMmojiImR0cZIvIJ6I4r0wLATCdMDqRJNmN3qDGovh8gB6Nim54Hz1V34wGpESMhFqeFAoxlvLgZqhtfnPTZutQ10Vd2vNQeyok7tCwSoT3I1wxluql6B3%2F%2BhA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 79ec386dbe3bbb5c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: F0boxveB5AY1lKwFq7QB

GET
H3 202 6d6d25e3-5be4-444b-82ae-a8f0bb892234
analyticssystems.net/api/v2/ad/impression/ Frame 2E87 0
526 B 121ms
121ms Image
text/plain 2606:4700:3032::ac43:cb69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://analyticssystems.net/api/v2/ad/impression/6d6d25e3-5be4-444b-82ae-a8f0bb892234?rand=187376
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3032::ac43:cb69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XIQj20sbab8LVLdEgM8NzNXrFWsmVoUYvXzL336AnZgXFEnkaGu4aTboo9UIhXW51X1Jzry%2Fx41XpkRfxdwehDoUNzVGR%2BLxTRM%2BPETgZdVK6BlMaqGSqLq%2FhaHNmILZAZG4UDOgKXTyq%2FBdfpzjeJAljA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
cf-ray: 79ec386e2b69360c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-request-id: F0boxvvKoWxzr6gJaklh

GET
H3 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 2AAD 16 KB
6 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 19:26:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17082
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5660
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 25 Feb 2023 19:26:10 GMT

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/ Frame 2AAD 34 KB
13 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 20:15:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14096
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 25 Feb 2023 20:15:56 GMT

GET
BLOB 200
OK 8175275f-da07-46b2-b42a-9bd70a0ab58e
https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/ Frame 3DD1 789 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/8175275f-da07-46b2-b42a-9bd70a0ab58e
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Length: 789
Content-Type: application/javascript

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 1D86 28 KB
28 KB 169ms
47ms Font
font/woff2 2a00:1450:400d:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.fox13now.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 16:20:09 GMT
x-content-type-options: nosniff
age: 201043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 22 Feb 2024 16:20:09 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43F7 143 B
212 B 49ms
37ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 23:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2E87 3 KB
1 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus_fy2021.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 11:58:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43946
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 11:58:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 2E87 20 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:59:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8274
x-xss-protection: 0
server: cafe
etag: 9471482037410804447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:59:03 GMT

GET
H2

200

usermatch Show response
ssum-sec.casalemedia.com/ Frame 4447
Redirect Chain

https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=
https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1

2 KB
832 B

26ms
25ms

Document
text/html

104.18.25.185
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Requested by: Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9c0e020b07686b1c784ae61d85384965b30e3c907c2f4aafa1796716073759

Request headers

Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79ec386f585f929b-FRA
content-encoding: br
content-type: text/html
date: Sat, 25 Feb 2023 00:10:52 GMT
expires: 0
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbTo9MhBHRkYJp7wSfYYhYqDVfHnUITEipXaMUT7HaKGLnv7F8S1LgFSyGjteBfHc0wr7m5dFwxi0rFxZcNs9WsJtK%2Bee8DaNgAGyvqtFZIES%2B2mBbvwu6yUNj1funhiCx7BtWVOihiqgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 79ec386f2852929b-FRA
content-length: 0
date: Sat, 25 Feb 2023 00:10:52 GMT
expires: 0
location: /usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bKUi8cKVGLck%2BIs%2BHKWT9aDA9VOK6zY2YAfM0kat46iyzjWKE3Jj8pr2HTMHBO42J41MhkDRQg4mTbyvTt%2Fm%2FQv406cSyXXCMvaVwz1WYi61%2BOeXd6J6dYF6rGYIMLhwG79QOt2S7xjtgg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3DD1 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2a4c6f1135bea31e7d62ea82f74bbc26237303789b09be1b55e7bf8c3f9bc29a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4067449939867694294
tpc.googlesyndication.com/simgad/ Frame 85D3 47 KB
47 KB 43ms
42ms Image
image/jpeg 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4067449939867694294?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmVNOGOp_yPUKNJjMd19J_TS-x17A

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4dd7ce2bccd78896bb8a453887e4b95261de47a8417469cbd2b8e7953deffe6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 08:15:45 GMT
x-content-type-options: nosniff
age: 316507
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48331
x-xss-protection: 0
last-modified: Tue, 21 Feb 2023 08:00:08 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Feb 2024 08:15:45 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/ Frame 85D3 28 KB
11 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8294f47c10ab9172680f9bba780fecd122dbec7acc578a6973704c97903a8915

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10818
x-xss-protection: 0
server: cafe
etag: 16521218800250601078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 03:12:29 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 85D3 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1305
x-xss-protection: 0
server: cafe
etag: 12828169674928258300
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 03:12:29 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 85D3 28 KB
11 KB 40ms
37ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e6664a3276fdcb4b406333dfee2ac0939937923bfd074f55318116f355b3d634

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 03:12:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75503
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10964
x-xss-protection: 0
server: cafe
etag: 12906641936455414084
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 03:12:29 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 85D3 0
0 47ms
45ms Image
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRkinYgDdaXCkuEF2PyUg6d9N9027SLFkgYuJQLvNEUCbZD8Dbs8HkB_WNn27SYNAg5btlGWDlyCeQeAIHy8oKTTcozxg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 85D3 158 KB
48 KB 49ms
46ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 00:10:52 GMT

GET
H3 200 one_click_handler_one_afma.js Show response
tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/ Frame 85D3 48 KB
18 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230222/r20110914/client/one_click_handler_one_afma.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af669993c551169a0a08b8ecdecf9641d8f3a64c88e570a462732fa093c21eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 18:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18790
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18062
x-xss-protection: 0
server: cafe
etag: 11492036446248877334
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 10 Mar 2023 18:57:42 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 1D86
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

56ms
55ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.fox13now.com
URL: https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth
Protocol: H3
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Sat, 25 Feb 2023 00:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 85D3 0
18 B 84ms
83ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIojzC1L5Y_GGNIDSx_AP36CLcKLasZhvutHU4JsRv-EeEAEgt-WEIWCV4pCCoAegAYeDv_cDyAECqAMByAPJBKoE_gFP0GoIJS9bzZ_sQDBYYbrP85yNUUX7H4FvngAn0Dq1ADeHvWdWaEz0URSuo80yy-lGfMNvFO8ASAbNjICE4V3DmC-XiQgjbjOQdpUFRl2enhUAwubJAlyX7BDW5CcgvvXCB0i2DiydwmSvBIX6kdbQZ7-fjsFMdF3UFts_tgjv16f7bv5MwsbYA1d1Sd26nr3IdhNyXXGJlcbl0yqFoYsmVqFHz7iQJcND1ZpxDOaGDh0ol27HeEQTxW1qsjwJ8xIAH8_H2rkU_ERDPQCVWPey2sc45_5nYNDkT3YO659o93apeLd4iLO1e06ZsIDbZ8vp73JTawHOLxuL8nfLuMAEpoCP3K4EkgUECAQYAZIFBAgFGASgBgKAB6uioSOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAdIIEQiA4YAQEAEYADICqgI6AoBA8ggNYmlkZGVyLTE5NTYyMIAKBMgLAdgTDNAVAYAXAbIXCAoGCAASABgA&sigh=yBdWY3QO_z0&uach_m=[UACH]&pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg&cid=CAQSKQDUE5ymfZ7g1c3gcXomMPgayobQujLLg-EF4T8ojWZSZcExELttAeAFGAEgCg&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 25 Feb 2023 00:10:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame 4447 70 B
265 B 114ms
36ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:52 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 4447 170 B
409 B 200ms
70ms Image
image/png 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB&gdpr_consent=&us_privacy=&gdpr=1

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4447
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=Y-lSDFiP3dEuo4P3x6WmgwAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJAoQfbxjiwek5QuVVxx8m8&google_cver=1&gdpr=1

43 B
632 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJAoQfbxjiwek5QuVVxx8m8&google_cver=1&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:52 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEJAoQfbxjiwek5QuVVxx8m8&google_cver=1&gdpr=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 325
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 4447
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB&dcc=t

43 B
568 B

117ms
116ms

Image
image/gif

52.46.130.91
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB&dcc=t

Requested by

Protocol

HTTP/1.1

Server

52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: XMXN5K48TAPZ704ZAN7H
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:53 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: A4229HXKHW4HEPBBG17G
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4447
Redirect Chain

https://ad.turn.com/r/cs?pid=21&gdpr=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3767069437138362932

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3767069437138362932
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=3767069437138362932
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H2 200 /
sync.taboola.com/sg/indexscod/1/cm/ Frame 4447 0
99 B 59ms
15ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/indexscod/1/cm/?us_privacy=&gdpr=1&gdpr_consent=&id=Y-lSDFiP3dEuo4P3x6WmgwAA%261183
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 13696

GET
H2 200 tp_out
d.adroll.com/cm/index/ Frame 4447 42 B
181 B 112ms
30ms Image
image/gif 2a05:d018:cc3:fe04:4794:ab03:2c09:5455
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d.adroll.com/cm/index/tp_out?advertisable=3GMDZMBFQREVBC75SYYKWH&gdpr=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d018:cc3:fe04:4794:ab03:2c09:5455 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.22.1 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
cache-control: no-transform,public,max-age=300,s-maxage=900
server: nginx/1.22.1
content-length: 42
vary: Cookie
content-type: image/gif

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame 4447
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=2079&gdpr=1
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421266724324

43 B
632 B

7ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421266724324
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Feb 2023 00:10:53 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5134455421266724324
Date: Sat, 25 Feb 2023 00:10:52 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 htw-pixel.gif
js-sec.indexww.com/ht/ Frame 4447 43 B
352 B 79ms
21ms Image
image/gif 104.18.10.47
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?Y_lSDFiP3dEuo4P3x6WmgwAABJ8AAAIB=&gdpr=1&gpp=&gpp_sid=
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?ix_um=1&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&s=184986&us_privacy=&gdpr_consent=&gdpr=1&gpp=&gpp_sid=&C=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
cf-cache-status: HIT
last-modified: Tue, 24 Jan 2017 19:36:04 GMT
server: cloudflare
age: 923
etag: "da1f1d-2b-546dc3a097100"
vary: Accept-Encoding
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
accept-ranges: bytes
cf-ray: 79ec38707cd735f8-FRA
content-length: 43
expires: Sat, 25 Feb 2023 04:10:52 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C007 143 B
166 B 36ms
35ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/adfetch?adk=366289824&adsafe=medium&client=ca-pub-5722610347565274&format=970x250_as&ip=2a03:1b20:6::&output=html&unviewed_position_start=1&url=https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth&sub_client=bidder-195620&aceid=MDesFQAlGLQAnxy0ACJqNAHvejQBWH00AeuBNAHGgzQB1IM0AUGFNAGJhTQBuIU0AbyFNAHehTQB7YU0AfeFNAEWhjQBGYY0ARqGNAEnhjQBKIY0AS6GNAE4hjQBPoY0AUGGNAFEhjQBU4Y0AXqGNAFLc0EBU3NBAVVzQQGrRlQBRPUeAjjIXAIs_IgCeECqAidCqgIHTaoCBVGqAhtRqgI7WqoC0GGqAhJoqgKUaqoC_XiqAoCbqgKBm6oCgpuqAlqgqgKiqKoCuLCqApaxqgLb1qoCyeKqAqDlqgJH-KoCqvqqAr_6qgIl-6oCQfuqAlkTqwJwGasCfRyrAg8hqwKDJ6sCXCirAvsrqwLuLKsCnDCrAnAyqwJ5M6sChzOrAl41qwINPKsCIzyrArQ8qwKCPasCXD6rAts_qwI_QasCkkGrAglDqwJpQ6sCiUSrAn5FqwLhRasCG0arAkBIqwJ1SKsCkEqrAmNLqwI-TKsCSUyrAohNqwLDTasC702rAmBOqwLSTqsC3U6rAhZPqwKwT6sCtk-rAsxPqwJmUKsCE1GrAllRqwIFUqsCUlKrAv9SqwILU6sCSlOrApFTqwLpU6sC8FOrArJUqwI1VasCOlWrAmpVqwKAVasCI1arAm9WqwLyVqsCblerAjZYqwJEWKsC6lirAgdZqwLfWqsCVlurAl1bqwKLW6sCG1yrAi9cqwJhXKsCHF6rAlFeqwJK7QUDTO0FA8WyxQXinPsS0qv7EtSs-xK2sPsSP7H7Ei_J-xKc8vsSgPX7EpT2-xIv-PsS_gD8Ek4I_BIpCvwSPQr8EvMK_BJ2C_wSfAv8EsIL_BLdDPwSbg38EnYN_BLTDfwS-FZrGqi8_yM&awbid_c=AKAmf-CtKmA5aBJZlP2NZhKP8EhYdvvxInh67653xGjs2X5OAqVH9QMcNyzDvCXiRCiGhO9DuUdrUA31ZmTa7Ujy6QUnvsBS7U9qin_liyaptXhnnfDjjCZzhYLltO9A7jItACwqGu_EdDYWt8sDWIs9Y0mA9xj5Sxboid5RnbN06lM3k0_8j64&awbid_d=AKAmf-DrTM6imjRxh9E5j6Hx7MT31AjEZmPyS5S0gpzqv0QCGeEWVcTTTP594meuMm5Ks3BYHRTUkNjVmnzfZqV-UQmwiLA9YzFIqJV9z0u6KPpWNtGL62eu9-dH_jWP-IM8Yk1cFqj4bVCYHxPNaudMtXWhmJOHEQGO4sDtmBB2bdHfW6BNg4AFAafsvlBc_9vEL4oM-UX2tujOu_jyufOYADE52-LEnWsMimYlCoNWeW4hdM_2WSakc_-tfssXZkiWhsVhjZTKUsuvNnbkx3Gp5JZp-iRPWSEuaCzWC4xIW1HILC5vCiRmixsFm4fbdFIpLyklYNvNHetKjQN-tglW9bZ0Bwt4LPxLXKtSJPXXz-Gf6R5FQDRc1kIyMw5aNsfvS_ZYrgI9QKunuBwbeZ8U0G8TI_jW7l3HJUQhF858qiTXt2nTIEONzPjT466CVhH2ns0Jh64lVqTDr2BN3CJUpn1-GV2PZRTfQAutrc0sKKGxWKeLXcVPwM-rm_HymqrAEVV2GirRguOgFusKLa4WTyTOQ0LYsGNz1cub2BjZsoIrTzJXFPplwLn3OSOp7DbKiIMuwrurPFYNGqeX_ibQwvl0MhOWzXICz3C43lCjgIsQjnOz78tC9KA8Rtb1cRHrIYCLmGWM51lAaVOXXLh0A3HbzRypHHOzjrPxNd6vlH98kdNqqwnwB5Y3e5gR_Qiu3a0b8MdsF0vwHXy64ZYlvFpn8oDgQW2Ikme0PXHZWN8GYs5wcgSmH9ed_EoHM7u0bjaP6C4ymx0jP14PGxldwpEJ-v_3Ka4d-1PSX_m27Hfj5oQ779VVm9nbjUrslYRE1CcGlAqxmMIHDep6aoxv_ivl2E5GeA&cid=CAQSGwDUE5ymYuZn00neL0jhwbsRLwTUaHM77XG_gRgBIAo&exk=378098682&rfl=https%3A%2F%2Fwww.fox13now.com%2F&a_pr=13:Y_lSCwAAAAAKQC_eWBVRFyBKnp4MkFPIWaRFkg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1434
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 23:46:58 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
49ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:52 GMT
expires: Sat, 25 Feb 2023 00:10:52 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2E87 158 KB
48 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49360
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1677104061356577"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 00:10:52 GMT

GET
DATA 200
OK truncated
/ Frame 2E87 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 686893618e09c17a646a453b841f73c5d7c7cd7f792b84387742c445c0335f31

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 85D3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a863f6bce792db2ab20ee43e45ea7dbefd080257cdc7ed76ce6ce77ca89b8f68

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AAD 36 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/~b208246486/html5/addata.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 17:11:32 GMT

GET
H3 200 logo_klein.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 7 KB
3 KB 44ms
40ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/logo_klein.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e69831b8ed5f889eb56f1973268d1256d1ea525bce4c49e77c6c11fa628c41a8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 03:49:05 GMT
age: 246107
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3040
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 03:49:05 GMT

GET
H3 200 logo_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 7 KB
3 KB 52ms
48ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/logo_01.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

947f6de0f1f5c2fe9797c8c22657ef50edc1557e7ede34fe10ad8af54295951e

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 23:03:38 GMT
age: 176834
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3149
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 23:03:38 GMT

GET
H3 200 logo_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 7 KB
3 KB 51ms
47ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/logo_02.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8587ed15db63a3912a4bf9d5de9be29ffde7b77af197d8a43822e6b357a9503

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 13:46:07 GMT
age: 123885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3149
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 13:46:07 GMT

GET
H3 200 cta.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 5 KB
2 KB 49ms
45ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/cta.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9a637212bb0eb2933d7eff89e4f899a24f313304325f44f1c46aa057e2eb9cfd

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 03:52:30 GMT
age: 245902
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2029
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 03:52:30 GMT

GET
H3 200 logo_subline_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 14 KB
4 KB 46ms
42ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/logo_subline_01.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bed95704925c3e78eff7cb873c0fe5da0a428b661fb66ab6642db342f9f5a193

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 13:53:39 GMT
age: 209833
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4151
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 13:53:39 GMT

GET
H3 200 logo_subline_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 5 KB
2 KB 45ms
41ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/logo_subline_02.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f19c00cbd837fe7c8d112c5d9c6b140378c34aa49344a204e2d6df0204e60075

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 19:10:39 GMT
age: 104413
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1568
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 19:10:39 GMT

GET
H3 200 widget_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 16 KB
6 KB 46ms
43ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_01.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fc9f580c837f059f435270f6ea8c1ad6ec90131a6c405236156a6d4a2567b795

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 09:52:03 GMT
age: 137929
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5880
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 09:52:03 GMT

GET
H3 200 widget_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 10 KB
4 KB 60ms
57ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_02.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e7fe9d81fad8be2fb90f53f8025f3c05d63b56d7b9380595656f67092a26289

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 16:57:39 GMT
age: 198793
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4113
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 16:57:39 GMT

GET
H3 200 widget_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 12 KB
5 KB 62ms
58ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_03.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4219357b3207614d5a5329301691f754ded3f407d75cc34afce089e353060be8

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:08:36 GMT
age: 90136
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4900
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 23:08:36 GMT

GET
H3 200 widget_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 12 KB
4 KB 56ms
53ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_04.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ccd3cf5420f743612ad3c3372cb115725cc0923263f91671cccb3b171cec32

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:40:36 GMT
age: 88216
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4546
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 23:40:36 GMT

GET
H3 200 widget_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 17 KB
6 KB 58ms
54ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_05.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0ca6914c00ec9b51ea7dcdde2654ebf667da1ab092cd380971491febc218a31c

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 16:59:15 GMT
age: 198697
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5950
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 16:59:15 GMT

GET
H3 200 widget_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 16 KB
6 KB 53ms
50ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/widget_06.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d14fd562f5091facebcb2c6e8201cb8f7a69efc0d1da85b5607bcd361ecd0f46

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 13:42:51 GMT
age: 124081
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6048
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 13:42:51 GMT

GET
H3 200 form.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 791 B
561 B 53ms
49ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/form.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 16:51:39 GMT
age: 199153
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 527
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 16:51:39 GMT

GET
H3 200 color_01.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 895 B
545 B 54ms
51ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_01.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

253a1cd60c4d9a554f906a54444261880508b1bf6b2350014103f70e2c7fcfb7

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 14:05:18 GMT
age: 122734
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 511
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 14:05:18 GMT

GET
H3 200 color_02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 805 B
543 B 67ms
63ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_02.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

846ff06a23955e8fc1be256713f5c58eb0de23eb47f7de416963a055340a4c1f

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 23:38:27 GMT
age: 88345
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 502
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 23:38:27 GMT

GET
H3 200 color_03.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 841 B
541 B 65ms
61ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_03.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b53ef23e0ada8f8c2fbd04039879baed112f5fa54f186c07d96127cc5876f3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 22 Feb 2023 07:53:32 GMT
age: 231440
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 500
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 22 Feb 2024 07:53:32 GMT

GET
H3 200 color_04.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 900 B
553 B 65ms
62ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_04.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ced42cc2900c7f0c998313f895767a36fdd38ca88fe4317d63559ce815d15cc5

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 16:16:11 GMT
age: 114881
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 512
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 23 Feb 2024 16:16:11 GMT

GET
H3 200 color_05.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 736 B
515 B 63ms
59ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_05.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1059fcd58ac43f405fdd497a402fc51fe20028f734f8abbeb9120e9ceebeabc

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 24 Feb 2023 06:41:43 GMT
age: 62949
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 476
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 24 Feb 2024 06:41:43 GMT

GET
H3 200 color_06.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/ Frame 2AAD 736 B
514 B 61ms
58ms Image
image/svg+xml 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/color_06.svg

Requested by

Host: e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

428f7aa8e713109cdaf1b095f8aaedad37222f328df1b4993fa398c78d976556

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 21 Feb 2023 20:39:03 GMT
age: 271909
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 477
x-xss-protection: 0
last-modified: Thu, 28 Jul 2022 12:41:18 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 21 Feb 2024 20:39:03 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame C007
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:53 GMT
expires: Sat, 25 Feb 2023 00:10:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:52 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9987 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 17:11:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 130ms
53ms XHR
application/json 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023022301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023022301.js?cb=31072675

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2877aacc9859c172f48b9b7d6b4a6dc793e8ade612f50b82734154b0d9b404da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11353
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 25 Feb 2023 00:10:53 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3DD1 42 B
64 B 73ms
72ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPV9T3RHJ9zCvJ5StDcmiBP0RVXxh_wz_Tem1GYhgvmqnN8bhVLCDv6h2-0DtAQgcHHibabYRk5OEd5JGWRIE-jzng&sig=Cg0ArKJSzAPW_MIgMugkEAE&id=lidar2&mcvt=1000&p=250,315,500,1285&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1666007649&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677283852148&rpt=440&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 9D50 13 KB
5 KB 39ms
38ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1360
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 24 Feb 2023 23:48:13 GMT
expires: Sat, 24 Feb 2024 23:48:13 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B2DD 783 B
536 B 48ms
47ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: d3plfjw9uod7ab.cloudfront.net
URL: https://d3plfjw9uod7ab.cloudfront.net/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c9bc8dd96339e10e0387a484c7d2d8f4b030644500c8caf067f50b343e155509

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zgPDCU-YRolweEOJ6NIZ8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-zgPDCU-YRolweEOJ6NIZ8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:53 GMT
expires: Sat, 25 Feb 2023 00:10:53 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B2DD 0
0 72ms
71ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023022301&jk=1326746779128430&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H3 200 6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D50 36 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6N6xbrRFdMEff8Jis_shwjAW5G8di4zE4BhK3Aw40Jc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 24 Feb 2023 17:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 25161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14401
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 24 Feb 2024 17:11:32 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 9D50 0
12 B 38ms
37ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?t8Ym-A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:53 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 1D86 42 B
64 B 76ms
75ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstQ9GeBGZ54ZJonDgV-evv-xuhLrVEMwYtBHR9RpsRuYAAJX8c0kapl1CqObI_vAq2IFlRbuPukRqFCw2cRYHjFhfcAfOA-cIsYUwNs-Ps7GiePlaRCmlO7ESZMQonUSaiu-6L0zA&sai=AMfl-YSrk9gGB7GtJbkRmZWOBHrPncf73emg8_pedkVHNtJuadnc_mPpgTpJRGohf2KvWh5Z553HRd50boCuzZ1J4M2JxtTJlkSe71IqosYzXD9ufumgCmjozv_XMjM1wMSfj3e-ey5MNJ4SiQnA&sig=Cg0ArKJSzCC6hAteptMSEAE&cid=CAQSSwDUE5ymHGFfdtcRQDHqOU8Sw2HOT6kkDLrXCUZ4FiIDAJScJT7q4f-V8DWM_llqfVYOharaOkfWga3cyCwGp0-TMJy9TDSOnnCu1BgB&id=ampim&o=436,1106&d=728,90&ss=1600,1200&bs=1600,1200&mcvt=1006&mtos=0,0,1006,1006,1006&tos=0,0,1006,0,0&tfs=624&tls=1630&g=100&h=100&tt=1630&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 85D3 42 B
64 B 81ms
80ms Fetch
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvqKw77fqF1tCDS3Tbi0famPJ0HYpkxrOcwg_-72KznlyxXlhMXMsECjhQ40htlu9_E_OUFa7BQlVS1OcDRpYeq5fxA7CO0RGlJpz3qYHUU71paWixICIz5UEDlHoMTfCeVyblkGQ&sai=AMfl-YTZZZ66GuKt6mEjTpvlbFiopBIiELceLgXWBrlzKdO74hd-21dK-2dGui13l-m900wVLhjGzsmYyHwK1VtLSa0021BfKlrDAjM&sig=Cg0ArKJSzPaJFb4sNflfEAE&cid=CAQSKQDUE5ymfZ7g1c3gcXomMPgayobQujLLg-EF4T8ojWZSZcExELttAeAFGAEgCg&id=lidar2&mcvt=1001&p=0,0,250,970&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=366289824&rs=5&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1677283852339&rpt=540&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
74ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023022301&jk=1326746779128430&bg=!JiWlJXHNAAZYlHKzeJQ7ADkAdvg8Wh5ovknYLCxmXklho8DZuQTuuNVMNdYLaQGHN-2HZvLeNIPdMgvnT71K936jS7wtHyBgAogCAAAAUVIAAAAKaAEHCgBb7UqS_XaKkJpAztZykGYSLgxenejL1EWVIbjOF_EX5Jm_TGFbKF9B90TqjkaWrry9XFEq_izvVg3kBO0sCrJXYVYom31gmLRCJ8KA_QeR94djzlvKa3FE3J8f75kCupYKfReWsFC6q0c--d2RZu2M3WwQdv5oLHFyMvoRH__1pSSH18A0dELyMCIDsLf8lN7l3SceZLYUfv4K3hoMZJhNx1FJOCUsP-Rr-MZQsQc7btazX4ZQG_PdATYtMl08zTynb_qx0WYfRv8O9-VJ7Kik248HIW9EVSf7kTMkRvfn2t3l7g7ZXU_JrSka02TW_G7jnudGzfry1TC-2stZOoYWRJzucRDKZYhITBgH5phRei1slQ1pOIjviaPAukCUyLpmqx3HKbKVjFSnTcFHVA_txT-l_ipylOLFSuDnNa5c4GoKIoqmNggRYtK8Op4Q2wGD48wtaRN86kQk_JkrJ5JYIappwRyJ7n6-ACXN07Y0YRdgEyCvnrieAl932hoi0XivjJaSjndDcuCivw2M0dlLjnSAtGcbGS8zlG1qeaYVbxvIihQj55zz3X8RB8Rf5ULQdZ2D0-Aej1e75BR7Iy73FrznzrDMPAbr97o9RFuzG8DGd-JbJoIGZbElGCPjpM_AtgflI7TXzK0PIV0gLhVCWEdFVc_ZAMgPEGZavk9A6mrM72WNcYd7WH5xBiXY7mtIDlxJZpcOwVw_JK1twgiMcBt59K222ZFGSjvT_MUqc0g80DwIOYK56_V8MjDNnG2HXmD_OebYmv8JQVO9zR2152GD0KQCpQUyKoEspDeC3YXEq2UGT4pRgE2-i3GH016bfEFsFPxQ9G98U4DinhxulQ4DniYMsiuVoOiWZLC8nJzsWHRIlEWqJ_s_79u8UsagjjR8oY8t7qIWw4keGne1Ia9BS8Wimzhaf3UDVyh29qunUWSeeSLZk7tMuyP3bI5lUmvccsH5HY0RoyXNv4X3sSRJU3RNoiG0IiAgLk-2Gzy9G8e9UJW6SH2wLp6pBged4QauMJVSC3NY_TQ5k6c8G7tSVwny07zV
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fox13now.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 200 load-cookie.html Show response
bidder.newspassid.com/static/ Frame 458C 12 KB
12 KB 111ms
109ms Document
text/html 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: 202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 12255
content-type: text/html; charset=utf-8
date: Sat, 25 Feb 2023 00:10:54 GMT
expires: 0
last-modified: Thu, 23 Feb 2023 10:02:57 GMT
pragma: no-cache
vary: Origin

GET
H2 200 load-cookie.html Show response
bidder.newspassid.com/static/ Frame 089D 12 KB
12 KB 110ms
109ms Document
text/html 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851669&bidder=newspassid
Requested by: Host: warp.media.net
URL: https://warp.media.net/js/tags/clientag.js?cid=8CU2N1270&dn=www.fox13now.com&version=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: 202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2

Request headers

Referer: https://www.fox13now.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 12255
content-type: text/html; charset=utf-8
date: Sat, 25 Feb 2023 00:10:54 GMT
expires: 0
last-modified: Thu, 23 Feb 2023 10:02:57 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
bidder.newspassid.com/ Frame 458C 3 KB
3 KB 110ms
109ms XHR
text/plain 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/cookie_sync
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: b9a683974ca6b74595f90e1e29c2801fd546128f658c0829f3340ae95e86dce9

Request headers

Referer: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:54 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bidder.newspassid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

POST
H2 200 cookie_sync Show response
bidder.newspassid.com/ Frame 089D 3 KB
3 KB 112ms
111ms XHR
text/plain 54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/cookie_sync
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851669&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: a6ee3e7f9699146584bd4c67566c98bcd213cabb816b6e375beb9ad691af45bf

Request headers

Referer: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851669&bidder=newspassid
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:54 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bidder.newspassid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 458C 0
277 B 78ms
22ms Image
text/plain 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:55 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-news...
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a

0
379 B

109ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd

0
386 B

109ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd
access-control-allow-origin: *
date: Sat, 25 Feb 2023 00:10:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 089D 0
277 B 19ms
18ms Image
text/plain 216.52.2.16
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.16 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Sat, 25 Feb 2023 00:10:55 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2

204

getuid
ads.avct.cloud/ Frame 458C
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B...

0
0

29ms
29ms

Image
text/plain

54.170.158.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
Protocol: H2
Server: 54.170.158.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

location: /getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
date: Sat, 25 Feb 2023 00:10:55 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 244
content-type: text/html; charset=utf-8

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545

0
514 B

111ms
110ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:54 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 8hjp8vajjct6qmtrhhicvmmdoubhmibq

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699

0
630 B

110ms
110ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 cookie
cm.adform.net/ Frame 089D 43 B
106 B 101ms
21ms Image
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 204 getuid
ads.avct.cloud/ Frame 089D 0
0 29ms
29ms Image
text/plain 54.170.158.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.170.158.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-170-158-38.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 458C 0
35 B 42ms
7ms Image
text/plain 52.58.53.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.53.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-53-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd

0
630 B

108ms
108ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=17cf9f04-2e39-46f6-a420-a55b588f60dd
access-control-allow-origin: *
date: Sat, 25 Feb 2023 00:10:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 458C 0
239 B 40ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-newspassid&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 53A9 16 KB
6 KB 43ms
8ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://bidder.newspassid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78812
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 25 Feb 2023 00:10:55 GMT
expires: Sat, 25 Feb 2023 22:04:27 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447

0
738 B

109ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Date: Sat, 25 Feb 2023 00:10:55 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 73a41938-99fb-435d-873c-1dacf8011151
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 458C 43 B
105 B 21ms
21ms Image
image/gif 37.157.6.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851706&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.6.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 53A9 2 KB
3 KB 60ms
15ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=6523017&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 44ba0a497cac66505aa560501d886e3bc900b979aaa4958add24935e08812b76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Sat, 25 Feb 2023 00:10:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a

0
754 B

110ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=771d6fbf-bc2b-4155-8a62-ae765bf1cf2a
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame EB10
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=

35 B
467 B

26ms
25ms

Document
image/gif

37.157.5.141
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.5.141 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Sat, 25 Feb 2023 00:10:55 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Sat, 25 Feb 2023 00:10:55 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6CD2
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b74063f9-5211-4000-9586-efffbc006724&gdpr=0&gdpr_consent=

42 B
325 B

16ms
16ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b74063f9-5211-4000-9586-efffbc006724&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 25 Feb 2023 00:10:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Sat, 25 Feb 2023 00:10:55 GMT
Expires: Sat, 25 Feb 2023 00:10:54 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 530 4e92630 master zrh-pixel-x29 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:b74063f9-5211-4000-9586-efffbc006724&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 118B
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508936005087428824

42 B
423 B

29ms
15ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508936005087428824
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Sat, 25 Feb 2023 00:10:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=508936005087428824
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 3A31 43 B
363 B 347ms
15ms Document
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Sat, 25 Feb 2023 00:10:55 GMT
expires: Sat, 25 Feb 2023 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 249577
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 53A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=LmdLfeSYSa6ziK06FKRLuA%3D%3D&gdpr=0&gdpr_consent=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

16 KB
16 KB

7ms
7ms

Image
text/html

23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
content-encoding: gzip
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
server: Apache
vary: Accept-Encoding
content-type: text/html
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=78812
accept-ranges: bytes
content-length: 5554
expires: Sat, 25 Feb 2023 22:04:27 GMT

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame 53A9
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

35ms
34ms

Image
image/gif

52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Artemis
aud.pubmatic.com/AdServer/ Frame 53A9
Redirect Chain

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&gdpr=&fbounce=1
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&addseg=19,36,42

0
0

111ms
15ms

Image
application/json

185.64.189.229
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&addseg=19,36,42
Protocol: H2
Server: 185.64.189.229 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Redirect headers

date: Sat, 25 Feb 2023 00:10:55 GMT
via: 1.1 google
content-type: text/html; charset=utf-8
location: https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&addseg=19,36,42
p3p: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
cache-control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 53A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=MkU2NzRCN0QtRTQ5OC00OUFFLUIzODgtQUQzQTE0QTQ0QkI4&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

75ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 53A9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHPCxdCOf2f8kNyV2Gp5WMg&google_cver=1

42 B
379 B

73ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHPCxdCOf2f8kNyV2Gp5WMg&google_cver=1
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHPCxdCOf2f8kNyV2Gp5WMg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame 53A9 43 B
612 B 69ms
17ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 24 Feb 2023 00:10:55 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 53A9 70 B
264 B 36ms
34ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame 53A9
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3600262732993799600

42 B
218 B

85ms
16ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3600262732993799600
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=3600262732993799600
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 2E674B7D-E498-49AE-B388-AD3A14A44BB8
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 53A9 43 B
426 B 115ms
33ms Image
image/gif 2a05:d018:d29:3602:81a6:56d8:c5db:8c4d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/2E674B7D-E498-49AE-B388-AD3A14A44BB8?gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:81a6:56d8:c5db:8c4d Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
content-length: 43

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame 53A9
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&redir=true&gdpr=0&gdpr_consent=
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=2E674B7D-E498-49AE-B388-AD3A14A44BB8&redir=true&gdpr=0&gdpr_consent=&verify=true
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OZuuUalE2uVi1oT__4t73QicLGGZd9g-~A&gdpr=0

0
260 B

87ms
15ms

Image
text/plain

198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OZuuUalE2uVi1oT__4t73QicLGGZd9g-~A&gdpr=0
Protocol: H2
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:54 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-OZuuUalE2uVi1oT__4t73QicLGGZd9g-~A&gdpr=0
date: Sat, 25 Feb 2023 00:10:55 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.25
age: 0
content-length: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_p...
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183

0
856 B

108ms
108ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BcFjLIelE%2B9q5Fnr7x8Yt%2FNeVOoWpBh6vQGW27wLjSFtaEvoTmq40xNzaHwsVk3wovy4DBEhWx3rf1UIF289O98%2BayaOC8mjteqjpaKuDGJqjjSfIaPlVToP5TlxRbgtFjojKW4E"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183
cache-control: no-cache
cf-ray: 79ec3883490a9a18-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 089D 0
34 B 8ms
6ms Image
text/plain 52.58.53.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.53.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-53-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 089D 0
239 B 8ms
8ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-newspassid&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699

0
738 B

109ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=3959494171020399611699
date: Sat, 25 Feb 2023 00:10:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 997A 16 KB
6 KB 7ms
7ms Document
text/html 23.35.236.201
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&publisherId=NPID10000004&siteId=4204204280&cb=1677283851669&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.201 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-201.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48

Request headers

Referer: https://bidder.newspassid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=78812
content-encoding: gzip
content-length: 5554
content-type: text/html
date: Sat, 25 Feb 2023 00:10:55 GMT
expires: Sat, 25 Feb 2023 22:04:27 GMT
last-modified: Fri, 16 Dec 2022 06:36:49 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

POST
H/1.1 200
OK abt Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 3A0B 0
317 B 119ms
119ms XHR
application/x-protobuf 52.15.102.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/abt?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.102.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-102-142.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:55 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

setuid
bidder.newspassid.com/ Frame 089D
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_p...
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183

0
856 B

108ms
108ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:56 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tfKG1Pr%2FiEb3LaeM9pDCjUO%2FZBa5xrmEVudZvO9f%2FitEtXbZwxPAZVALzUOVQGiU7CudNOR1Eco2Lg9URAiwRYYLDQ1clAXx6LbNNmKvsH%2Bylf5DX5MTHJPsgwZxbYV9OGx%2FbNcz"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=Y-lSDFiP3dEuo4P3x6WmgwAA%261183
cache-control: no-cache
cf-ray: 79ec388429a69a18-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447

0
856 B

108ms
108ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Date: Sat, 25 Feb 2023 00:10:56 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.164; 185.213.155.164; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 4b5e75e1-87e8-4b84-8e89-215a882c55af
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=8327026006309481447
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
bidder.newspassid.com/ Frame 458C
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545

0
856 B

109ms
109ms

Image
text/plain

54.86.73.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545
Protocol: H2
Server: 54.86.73.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-86-73-72.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:56 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Sat, 25 Feb 2023 00:10:55 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://bidder.newspassid.com/setuid?bidder=openx&uid=abe4479d-dbf5-4018-bc5e-1164d2e4b545
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: 4pbpussua4lpfn2dp002lehlbvdgosnu

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame 53A9 0
128 B 29ms
15ms Script
text/plain 198.47.127.20
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-newspassidhttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Sat, 25 Feb 2023 00:10:56 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

POST
H/1.1 200
OK st Show response
capi-tier-2-us-east-2.connatix.com/tr/ Frame 3A0B 0
317 B 119ms
118ms XHR
application/x-protobuf 52.15.102.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi-tier-2-us-east-2.connatix.com/tr/st?v=233833
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.15.102.142 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-15-102-142.us-east-2.compute.amazonaws.com
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: multipart/form-data

Response headers

date: Sat, 25 Feb 2023 00:10:57 GMT
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: application/x-protobuf
access-control-allow-origin: https://www.fox13now.com
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 20

Verdicts & Comments Add Verdict or Comment

172 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

54 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.fox13now.com/	1970-01-20 18:40:19	Name: usprivacy Value: 1---
.fox13now.com/	1970-01-20 09:54:45	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://www.fox13now.com/news/local-news/billionaire-utahn-to-give-away-90-of-his-wealth%22%2C%22sref%22:%22%22%2C%22sts%22:1677283850240%2C%22slts%22:0}
.fox13now.com/	1970-01-20 19:24:07	Name: _parsely_visitor Value: {%22id%22:%22pid=9b5ecf30e08faba0323ded86e3bdfc2c%22%2C%22session_count%22:1%2C%22last_session_ts%22:1677283850240}
.fox13now.com/	1970-01-20 19:30:43	Name: _ga Value: GA1.2.2125104816.1677283850
.fox13now.com/	1970-01-20 09:56:10	Name: _gid Value: GA1.2.1528028454.1677283850
.fox13now.com/	1970-01-20 09:54:43	Name: _dc_gtm_UA-27022641-1 Value: 1
.fox13now.com/	1970-01-20 09:54:43	Name: _dc_gtm_UA-29479748-9 Value: 1
.fox13now.com/	1970-01-20 09:54:43	Name: _dc_gtm_UA-40066851-1 Value: 1
.fox13now.com/	1970-01-20 19:16:19	Name: __gads Value: ID=593b57b6b6194bfb:T=1677283851:S=ALNI_Ma6Cn6fdj1BjuY6ijnTe15Fb4YEuw
.fox13now.com/	1970-01-20 19:16:19	Name: __gpi Value: UID=00000bbbea0fad76:T=1677283851:RT=1677283851:S=ALNI_MYn0Tk9Ubqgt5ToXIW1Cc0BbycU9A
.doubleclick.net/	1970-01-20 19:16:19	Name: IDE Value: AHWqTUm3YU6o5poDDRQYmLNh5PkZQjNkY4ZV5GtffMXSmmAD9qxvRLN1XoHmW1gHzVM
.casalemedia.com/	1970-01-20 18:40:19	Name: CMID Value: Y-lSDFiP3dEuo4P3x6WmgwAA
.casalemedia.com/	1970-01-20 12:04:19	Name: CMPS Value: 1183
.casalemedia.com/	1970-01-20 12:04:19	Name: CMPRO Value: 1183
.doubleclick.net/	1970-01-20 09:54:47	Name: DSID Value: NO_DATA
.turn.com/	1970-01-20 14:13:55	Name: uid Value: 3767069437138362932
.rfihub.com/	1970-01-20 19:16:19	Name: rud Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQyMzM3MjE2MhHiM9S1TDR2MnPKzzBNyqsCACD5EB0lAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0NjExNTUxMjQyMzM3MjE2MhHiM9S1TDR2MnPKzzBNyqsCACD5EB0lAAAA
.rfihub.com/	1970-01-20 19:16:19	Name: eud Value: H4sIAAAAAAAA__vFyGtoZm5uZGFsYWpkaWEMAAr6TKgQAAAA
.bidder.newspassid.com/	1970-01-20 12:04:19	Name: newspassid_uid Value: 2MCuOgOxuwgx0aH1gHOphq5NrCP
.bidswitch.net/	1970-01-20 18:40:19	Name: tuuid Value: 771d6fbf-bc2b-4155-8a62-ae765bf1cf2a
.bidswitch.net/	1970-01-20 18:40:19	Name: c Value: 1677283855
.bidswitch.net/	1970-01-20 18:40:19	Name: tuuid_lu Value: 1677283855
.360yield.com/	1970-01-20 12:04:19	Name: tuuid Value: 17cf9f04-2e39-46f6-a420-a55b588f60dd
.360yield.com/	1970-01-20 12:04:19	Name: tuuid_lu Value: 1677283855
.openx.net/	1970-01-20 18:40:19	Name: i Value: 4196f70b-cbed-4c06-8d04-199937984435\|1677283855
ads.avct.cloud/	1970-01-20 18:40:19	Name: uuid Value: d8ce4c99-35c8-4c41-8d06-c37f03e1a800
.3lift.com/	1970-01-20 12:04:19	Name: tluid Value: 3959494171020399611699
.ads.pubmatic.com/	1970-01-20 09:56:10	Name: KCCH Value: YES
.adnxs.com/	1970-01-20 12:04:19	Name: uuid2 Value: 8327026006309481447
.pubmatic.com/	1970-01-20 18:40:19	Name: KADUSERCOOKIE Value: 2E674B7D-E498-49AE-B388-AD3A14A44BB8
.pubmatic.com/	1970-01-20 12:04:19	Name: chkChromeAb67Sec Value: 1
.pubmatic.com/	1970-01-20 09:56:10	Name: pi Value: 0:2
.pubmatic.com/	1970-01-20 12:04:19	Name: DPSync3 Value: 1678492800%3A201_197_219_221
.pubmatic.com/	1970-01-20 12:04:19	Name: SyncRTB3 Value: 1678492800%3A56_71_220_21_7_161_54_13%7C1677888000%3A223%7C1678579200%3A35
.yahoo.com/	1970-01-20 18:40:41	Name: A3 Value: d=AQABBA9S-WMCEAObuNTHX3BCyD6-N4bxHHAFEgEBAQGj-mMDZAAAAAAA_eMAAA&S=AQAAAu-D7EcPM7_AoWQhCqJe_9A
.analytics.yahoo.com/	1970-01-20 18:40:19	Name: IDSYNC Value: 18z8~2a6o
.onaudience.com/	1970-01-20 18:40:19	Name: cookie Value: beb44291a3401c2f
.onaudience.com/	1970-01-20 09:56:10	Name: done_redirects147 Value: 1
.fiftyt.com/	1970-01-20 18:40:19	Name: fifid Value: b93b5071-1ee0-45ec-7246-c46f45e5a4aa
.fiftyt.com/	1970-01-20 18:40:19	Name: cs Value: MTY3NzI4Mzg1NXxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fG-pa-xvGRpf8acaQVCWsyzD_GdOA2SK1yDqvKQ9vfnV
.simpli.fi/	1970-01-20 18:41:46	Name: suid Value: 22AF13C21BFA4B4685EDFA4FD0DE89BC
.adform.net/	1970-01-20 10:35:03	Name: C Value: 1
.de17a.com/	1970-01-20 18:33:07	Name: guid Value: 1.508936005087428824
.fiftyt.com/	1970-01-20 10:04:48	Name: fppm Value: 20230225001055
.adform.net/	1970-01-20 11:21:07	Name: uid Value: 3600262732993799600
.pubmatic.com/	1970-01-20 10:37:55	Name: SPugT Value: 1677283854
.pubmatic.com/	1970-01-20 10:37:55	Name: KRTBCOOKIE_336 Value: 5844-508936005087428824
.pubmatic.com/	1970-01-20 12:04:19	Name: KRTBCOOKIE_80 Value: 16514-CAESEHPCxdCOf2f8kNyV2Gp5WMg&KRTB&22987-CAESEHPCxdCOf2f8kNyV2Gp5WMg&KRTB&23025-CAESEHPCxdCOf2f8kNyV2Gp5WMg&KRTB&23386-CAESEHPCxdCOf2f8kNyV2Gp5WMg
.mathtag.com/	1970-01-20 19:20:39	Name: uuid Value: b74063f9-5211-4000-9586-efffbc006724
.pubmatic.com/	1970-01-20 10:37:55	Name: KRTBCOOKIE_391 Value: 22924-3600262732993799600&KRTB&23263-3600262732993799600
.pubmatic.com/	1970-01-20 12:04:19	Name: KRTBCOOKIE_27 Value: 16735-uid:b74063f9-5211-4000-9586-efffbc006724&KRTB&16736-uid:b74063f9-5211-4000-9586-efffbc006724&KRTB&23019-uid:b74063f9-5211-4000-9586-efffbc006724&KRTB&23114-uid:b74063f9-5211-4000-9586-efffbc006724
.pubmatic.com/	1970-01-20 10:37:55	Name: PugT Value: 1677283854
.bidder.newspassid.com/	1970-01-20 12:04:19	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI4MzI3MDI2MDA2MzA5NDgxNDQ3IiwiZXhwaXJlcyI6IjIwMjMtMDMtMTFUMDA6MTA6NTUuNzkwNDc5NTQ2WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiIxN2NmOWYwNC0yZTM5LTQ2ZjYtYTQyMC1hNTViNTg4ZjYwZGQiLCJleHBpcmVzIjoiMjAyMy0wMy0xMVQwMDoxMDo1NS42MTYzMjUxOTFaIiwic291cmNlIjoiY29va2llIn0sIml4Ijp7InVpZCI6IlktbFNERmlQM2RFdW80UDN4NldtZ3dBQVx1MDAyNjExODMiLCJleHBpcmVzIjoiMjAyMy0wMy0xMVQwMDoxMDo1Ni4wOTI5NTY4NzFaIiwic291cmNlIjoiY29va2llIn0sIm9wZW54Ijp7InVpZCI6ImFiZTQ0NzlkLWRiZjUtNDAxOC1iYzVlLTExNjRkMmU0YjU0NSIsImV4cGlyZXMiOiIyMDIzLTAzLTExVDAwOjEwOjU2LjIxNTA0NTQ0OFoiLCJzb3VyY2UiOiJjb29raWUifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIzOTU5NDk0MTcxMDIwMzk5NjExNjk5IiwiZXhwaXJlcyI6IjIwMjMtMDMtMTFUMDA6MTA6NTUuNDk2MTg2MjAyWiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjMtMDItMjVUMDA6MTA6NTUuMTUxMjkyMzU3WiJ9

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.cookielaw.org/consent/000000/000000.json Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://www.fox13now.com/weather/school-closings-delays?_renderer=json Message: Failed to load resource: the server responded with a status of 404 (Not Found)
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 467) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: https://d3plfjw9uod7ab.cloudfront.net/ad/6d6d25e3-5be4-444b-82ae-a8f0bb892234.js(Line 1) Message: Refused to create a worker from 'blob:https://e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com/9d0bc17f-4920-4845-8069-ab8fb8ac288a' because it violates the following Content Security Policy directive: "child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486". Note that 'worker-src' was not explicitly set, so 'child-src' is used as a fallback.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'child-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.
security	error	URL: about:blank Message: The source list for Content Security Policy directive 'frame-src' contains a source with an invalid path: '/sadbundle/$csp%3Der3$/16109559932968589349/index.html?v=b208246486'. The query component, including the '?', will be ignored.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self' https://cms.scrippsdigital.com
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a5086.casalemedia.com
aax-dtb-cf.amazon-adsystem.com
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
adservice.google.com
adservice.google.de
amplify-imp.outbrain.com
analyticssystems.net
ap.lijit.com
api.btloader.com
api.ewscloud.com
assets.scrippsdigital.com
aswpsdkus.com
aud.pubmatic.com
b1-nydc1.zemanta.com
b1t-nydc1.zemanta.com
bidder.newspassid.com
btloader.com
c.amazon-adsystem.com
c1.adform.net
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.ampproject.org
cdn.cookielaw.org
cdn.parsely.com
cds.connatix.com
click.oi.com.br
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
d.adroll.com
d3plfjw9uod7ab.cloudfront.net
d5p.de17a.com
dis.criteo.com
dsum-sec.casalemedia.com
e6b9405eb33cddf55e6baff9fc9620dc.safeframe.googlesyndication.com
eb2.3lift.com
ewscripps.brightspotcdn.com
flint.defybrick.com
fonts.googleapis.com
fonts.gstatic.com
geolocation.onetrust.com
googleads.g.doubleclick.net
grid.bidswitch.net
hbx.media.net
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
images.outbrainimg.com
imasdk.googleapis.com
img.connatix.com
js-sec.indexww.com
log.outbrainimg.com
match.adsrvr.org
match.sharethrough.com
mcdp-nydc1.outbrain.com
mv.outbrain.com
odb.outbrain.com
p.rfihub.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
pr-bh.ybp.yahoo.com
prebid.media.net
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
rock.defybrick.com
rtb.openx.net
s.amazon-adsystem.com
s0.2mdn.net
sb.scorecardresearch.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
static.ewscloud.com
stats.g.doubleclick.net
sync.mathtag.com
sync.taboola.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
use.fontawesome.com
use.typekit.net
vid.connatix.com
visitor.fiftyt.com
warp.media.net
widget-pixels.outbrain.com
widgets.outbrain.com
www.fox13now.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
zem.outbrainimg.com
104.18.10.47
104.18.22.41
104.18.23.41
104.18.24.185
104.18.25.185
13.248.245.213
13.32.99.90
13.32.99.93
130.211.23.194
141.226.228.48
141.94.171.215
142.250.180.194
142.250.185.102
146.75.122.132
151.101.66.137
167.89.115.120
178.250.1.9
18.66.122.56
185.170.62.108
185.29.132.241
185.64.189.229
185.64.190.78
185.64.190.80
185.80.39.216
193.0.160.130
198.47.127.20
2.18.37.67
2001:678:cb4:bbbb::11
213.155.156.168
216.52.2.16
23.203.124.21
23.203.125.156
23.35.228.23
23.35.236.201
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:206f:1a00:10:618e:d880:93a1
2600:9000:206f:1c00:1a:ba5c:3900:93a1
2600:9000:223e:c000:13:a391:88c0:21
2606:4700:20::681a:246
2606:4700:20::681a:68b
2606:4700:3032::ac43:cb69
2606:4700:4400::6812:2b9e
2606:4700::6813:bc61
2606:4700:e2::ac40:840f
2a00:1450:4001:806::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2001
2a00:1450:4001:812::2002
2a00:1450:4001:828::2004
2a00:1450:4001:829::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2008
2a00:1450:400d:804::2001
2a00:1450:400d:80a::2003
2a00:1450:400d:80e::200a
2a00:1450:4025:401::9b
2a02:26f0:3500:16::215:1495
2a02:26f0:3500:16::215:14a0
2a03:2880:f01c:8012:face:b00c:0:3
2a05:d018:cc3:fe04:4794:ab03:2c09:5455
2a05:d018:d29:3602:81a6:56d8:c5db:8c4d
3.125.185.236
3.71.149.231
34.107.148.139
34.160.158.95
34.91.62.186
35.156.32.230
35.186.253.211
35.201.96.126
37.157.5.141
37.157.6.247
37.252.171.149
52.15.102.142
52.17.99.225
52.222.209.55
52.223.40.198
52.29.114.79
52.46.130.91
52.58.53.4
54.170.158.38
54.83.185.72
54.86.73.72
64.202.112.95
65.9.61.60
65.9.66.23
65.9.66.75
65.9.71.208
69.173.144.165
029492cd4e517e07e67dfb5c183428fe5d819a14dc3f2cc8971ca0b2621218a0
05dea6c77ac68974d5bbce61a61d9845122cb2109c7bf2526809cfcbff44564c
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0729926a3ab32e823402b118b0c2644485c51972d27a8b5e8c8d4d590bad53b4
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b8f08ac6ae2c7c8779a1336c92dbbb92f35912ee366d0624ffb289db0263f48
0b9fae203e249a23d7ced81553d81d0d7323d1a9ea3e87725684e6f49798d915
0ca6914c00ec9b51ea7dcdde2654ebf667da1ab092cd380971491febc218a31c
0ceb563d6ce39ba6ab2e90a1d7e6a39d737a2fa59db1914b115f784bbf97fa5f
0e971a6c0d48b9d8cab8aa3c2edbe66120afbab371d54a76c931e9e28a1f4921
1781cb2627a14a3c2e92e65d71c4650dd673d547c784f080b113052581abb942
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18ed1c1634d9f96286eecd6bfe892542a2cd46f4e46d437210fa99e4c8482966
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1e07e272734d4232d604835b00dfb9847c36a95e2fb6a01458590618e2bbcc77
202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2
204d60b3d8e31b6b5c5e4980a521c5284b8740f053a475b0894edddaee6b1220
2154b34bc0f6a1eb89ee530e36dfe7ed28abec06fa931e1838a00ea8bb2ee7db
21753cd170ea906a9b7a3459d71c7a936ecf8ae359c00f386a7e8cd11fb50558
2393a5f9012a549669d8dd7755e0411f25292d26d1aa3e2752795f2906adb5b3
253a1cd60c4d9a554f906a54444261880508b1bf6b2350014103f70e2c7fcfb7
26148ded0aed1146634fc71c52fe8458e89dae6acf31090ab279de392a7dac88
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2877aacc9859c172f48b9b7d6b4a6dc793e8ade612f50b82734154b0d9b404da
297f007c7cdfb5a4b9f50b62772ac549dccd71d88ffc473547a34147004a69ac
2a4c6f1135bea31e7d62ea82f74bbc26237303789b09be1b55e7bf8c3f9bc29a
2b4d9ab4cbc759ed850fb6e32c02a2e0342a4f2854afa475eab14fd7fcdaf08c
2d4551ad5c43c84a384cbb912a6366163d14e8eab63120c1b288e5143b134660
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31edca22e24ffa4f4160bf05db2242e4deee151bc37c2eda0229ddcefdf3d19e
33ca751ed175a163bef530ebdcdbd0a2d15997ccbcbf8d50a6f504e8ffac5a5c
33cf544ad9b2702ef8cc549ae1fbec26a2afb0ad835c0e3e863b367e18f338dc
36cd49b49d18675d396afa9bb80b3cba18e78b7e02cde35fa1d336808c5382a3
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a454d870a975028817fe383ce0c49f667e1187651b054bbf3d69fd748134c62
3ad36bb49239b3d32df10dc97841cb24dd28a8bca96ee95a57f4972d9b607976
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3bba1bb5847e0990d0d2983df61e98417272fc1aa014b09c4f8dda08e7b103ac
3d277a90920d78efa3d6e473d67240beb26100591c7b02a34bd444aa78ee5d5c
3f13c6b3026bf5f9437ea17554965e56be1b5ab25b5cf6f3de7415b5b8bd2f60
4219357b3207614d5a5329301691f754ded3f407d75cc34afce089e353060be8
428f7aa8e713109cdaf1b095f8aaedad37222f328df1b4993fa398c78d976556
44184c16fd72e51859e402906cfc8eb5cc13161916b42cf46e416bc9e3fe9850
44ba0a497cac66505aa560501d886e3bc900b979aaa4958add24935e08812b76
44f39cf7728c58ba7a80910914f6da3d5c4698e0371c5eac8a1164b78ce730b1
451bea371e363e4ce53f534aa901ae25067efc06286d18bc6c7088dff0a24e1c
45757680b77a304ad1d170c704814c72db5a4bde6aa26e1b81d749c549a96475
4678c7b68015a2edf29f963005eac0518d032dde277bab49dcfb98198fd19328
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
46a87306a983909ac9dd23e2a2c6fbb8c074fe248e29bdcf14edfc53305ed6fd
487aec7746a83542b3573383df65747e31c494d8412103b5675329f3d4befaeb
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48a93726f2b0e70a9f55cb0e29b83f3d87c2d6ca21a777a127b5ffc1980fac70
4a31fde39ebdd4cd2b803f33f8512361945b6b78d0fe3ae542f539ce82787bb9
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4d2c89832e34211173a0991f814df6d9a7e01de87c84103b196da2fa92e0a816
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53ab1520402c2ade95cfbd4232430e936485c3f0deb70fda33c64d760d98a9a9
551bdee11724bb4e609f7354a77f8c98cfe7f238fa886885e8489e0929c1d858
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5885f27080593c5739bbc91069cb575aaae5a633398313c16521f2f35c6d77c0
58e22316f7732bc53e76e01ebacb75647d698faf70187aa79910abf1296bd687
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5d8f24de649d274c051960845b51a0407362d6b4c80de23985e648d3378708f5
5e713a207017a40f54387d0e25bbb3cbbe1b3d10338cdd4a7342cc1486b19140
5e949e0ba546cccd944b7fc64ebc3f97123638dd1b3af8eec5732cd599c2ed46
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
5f419c192e605d0d0bfac0ef0835ffdeb6691358a09d43a186656a4e3f6c02b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61ccd3cf5420f743612ad3c3372cb115725cc0923263f91671cccb3b171cec32
61fc845af19015ad342381666a72c1dfdb3203898ee3909ca83edb3354b44f2d
620bae4f435d4ccd1c611f602c0790871f65d6bf668f6ff2ac716b89285cdc4a
62b5e7ae9e2ed60dcd7cb2e0823dd0884575f2176aff629f2df1e912dfae20e1
686893618e09c17a646a453b841f73c5d7c7cd7f792b84387742c445c0335f31
6880a63068ff8427cafc59406647c07320aead257280260c72a87d6826522b5b
6a39bf6101f2f88de6e648bc5f573820f4ad8a44e83379db0ef6340aadc048ca
6acd432b3c0c7b85a1d0d9eddd2522fa557f74a0bf41a45498a78506d92f223e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc4cd5be69f0c87c948ad881f4f72e4414b5e5166ba219b7a6b72f197b775ee
6e91bded8ac0fe50742250b3dbb81d08775e181bdb4e600af79b39ad9b8838d6
716692d351245392c048ab3e22c55e22d49c416476f23cf7bdbe2677b09dc64b
727f93b09ab81ccfabda8af76bbd53e3e99a3eafce122b52fac24f9e13872e33
72a64af6c85d8ab9bb2b508571c6a70080750c4891634dcbe36cb95737ca0f48
78920238e3da7954274aebb7babb5aa4700a88bf9b87521a2a49803438a1f612
7de886a084ff33bba971a067938a541d20340782ca5a77f0e8879f6571f42fb4
7e03ea05c599640f6d1a683302bec77bcd06d63d0a41c3df4867637835876dd9
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
81a6361b1f6ff5f9f6ca05b773fb993d7b7b3f668635ccba4379fa3ecb9a7e3e
8294f47c10ab9172680f9bba780fecd122dbec7acc578a6973704c97903a8915
82d63ecef7851ffd217020b3817b0206328488879b0c782f9b67d43bd1479a2a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
846ff06a23955e8fc1be256713f5c58eb0de23eb47f7de416963a055340a4c1f
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85c97bdbfb0fab332e4c93c18caf25e12989e5347597d02c1099773755907a30
89c9e80ecd6f37be835fe762db514ef63023190e1905645372c551b8c2201c89
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
947f6de0f1f5c2fe9797c8c22657ef50edc1557e7ede34fe10ad8af54295951e
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a637212bb0eb2933d7eff89e4f899a24f313304325f44f1c46aa057e2eb9cfd
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9c8487f83633ad7b175b94d036fa0dd648a116082a893a9c1960b6de1292cdf3
9e7364364960ab41fb0bdb8365708009e215221bdd4976952a30e9460cebcbdb
9e7fe9d81fad8be2fb90f53f8025f3c05d63b56d7b9380595656f67092a26289
9ed64e10f773861c3b4a3671ed71c3a93c3aa77afc67df68c3b9eed6a3876717
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a360211799721abb9900beceede6dbbea3b0c5ea3da2181163929afcd16a3ab0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a592740285723e2719318aa6407e0405fd95e341dfe114b8f5894e63078e1351
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
a6ee3e7f9699146584bd4c67566c98bcd213cabb816b6e375beb9ad691af45bf
a78eee44a33280cae70b7fade38a0ea36d2d3c34252c8fffe9e5d91aaf463a0c
a7b7120dffd25546c93c1367b9c86a3dc87e71d2c89ebb39163a71eb3b659f01
a83079124373d924ad1402fbc08d2e24d0043234d4c26565f1c368745f55f5d9
a84fb0803620acdf77c0f41d652eb5538002ed610424bd0be051203ee50cf940
a863f6bce792db2ab20ee43e45ea7dbefd080257cdc7ed76ce6ce77ca89b8f68
aa478652d3c012008eecf1268ff0b340d88be662acc3cde584628f39c7bbc236
ad8f910bdbf8d93555b655d7c147003525302132ce9ea263417efec3632796a6
af669993c551169a0a08b8ecdecf9641d8f3a64c88e570a462732fa093c21eb7
b01a08c197eb1a54a48b04df53426ac2c8d5b40d836a7dbdaa182f4d261d5084
b1059fcd58ac43f405fdd497a402fc51fe20028f734f8abbeb9120e9ceebeabc
b127fac4cc6707a510e3bb39b4ca7c4e7f9df01d06b9d72988c9a02792a0d0fb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b274e07d334d692f072133062d8fb1359c689c99e8a1e7f2d543bf6f48a1bb33
b4096925f34c85d0c0e934ad77c44165dcd66fecc354c153784d246f00911da5
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9a683974ca6b74595f90e1e29c2801fd546128f658c0829f3340ae95e86dce9
bd6cafb0d9f0509d461f9b8845027ecb7f5385ee273346f5f44efd2b328afdb3
bdc98241e6678e30358cea21ee478e7b3dad4be0291091a16961ba15ceb91217
bed95704925c3e78eff7cb873c0fe5da0a428b661fb66ab6642db342f9f5a193
c10c5b621b89667c8083849c03808337327ebfe31d832b55652b4abcaa803248
c1d0d1d3b605411b5c3dafe133a2d58bc43cff20eb9a2999bb5c9ab2b942aafb
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c3b53ef23e0ada8f8c2fbd04039879baed112f5fa54f186c07d96127cc5876f3
c4dd7ce2bccd78896bb8a453887e4b95261de47a8417469cbd2b8e7953deffe6
c8dc4d387c4e74a24ffeacb473c5cec08143808458cc0dd8efa153608af4f66f
c9bc8dd96339e10e0387a484c7d2d8f4b030644500c8caf067f50b343e155509
ce91e2144ea27f82292ef2c87c5d9e1d0b9994df63836130293865aca18fc550
ced42cc2900c7f0c998313f895767a36fdd38ca88fe4317d63559ce815d15cc5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d14fd562f5091facebcb2c6e8201cb8f7a69efc0d1da85b5607bcd361ecd0f46
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d4275796e9f1cfa6219c319180a5adcbf3da9c0f753c719fe4c48d43addff507
d50cc29cdb5193f9c74cd85af53aeeae41d67aeedc5a0229b623d18c3f665ef4
d5ff91865d995591bc5aff1faff0e4f1887a72b6995d7de350030f11f6a6bb6a
d66c157e60a88623fc6bb87393d303096b3a2db235ad33c1cdb80ed71ee38c42
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dbe5b7ecbb1e59ac15de1b1ea340c9540f8d1cf1764c667aeca64a1fdd3b639c
dcc84ca2069873bf863e0b36e587fd75731d689301e628c13156550f61689722
dceb3bfb71ace8bdb05066f1dda376bbc6756c7a40daa5fc7ad9dae154f469b4
dff464a4288fb7c34c91a0d0b74eb9413e708f0563bfff23363265eeac817a59
e08cc0db8b2a31529e8fd60ec62e764701c2ff86312fa50d292028a6205c3e71
e1a3c83144fa5752c8668ca056742ec9e6d6dfe5cfb75a97a9e53d1150068f91
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4447831baf6690d632168390edfd95679cb7b5a09aec2c54d47b0a2343e54aa
e6664a3276fdcb4b406333dfee2ac0939937923bfd074f55318116f355b3d634
e69831b8ed5f889eb56f1973268d1256d1ea525bce4c49e77c6c11fa628c41a8
e6f8d3f9f2e56fd5910129867513cc25550919e2cc50f8ecafd9d100fb2e44cc
e835935305be6950382340969d92b7c46f7b87048eca4c9f537c335a42293e9b
e8deb16eb44574c11f7fc262b3fb21c23016e46f1d8b8cc4e0184adc0c38d097
e93eb3b104d528ed24faede2f8d79a65eb9b9c85366ae010c146b1db39d51607
eb9c0e020b07686b1c784ae61d85384965b30e3c907c2f4aafa1796716073759
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0fe7e69e970311a87c3b57b217e6fc19f0a65b25813ad64426169712f61e402
f19c00cbd837fe7c8d112c5d9c6b140378c34aa49344a204e2d6df0204e60075
f3d7c3a88135a3a10c5d4dcbb8ec96a4ffbe0bf2d5ed93681b96a967f997dcce
f852e47aa1b743f8025836531dded1b9b278ebd6a3d8a275da3af04c79368468
f8587ed15db63a3912a4bf9d5de9be29ffde7b77af197d8a43822e6b357a9503
fc9f580c837f059f435270f6ea8c1ad6ec90131a6c405236156a6d4a2567b795
fdcb74f626ef8f1059c0e3bd503017b8fdda4a54afcc26a4da734f5fd5c7a87a
fed003773723ba3dfc4e75ab722e39b2ea22b8757418fc66cd5e3afc08d492af
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

www.fox13now.com Open in urlscan Pro 13.32.99.93 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

327 Requests

91 %HTTPS

36 %IPv6

62 Domains

106 Subdomains

81 IPs

11 Countries

4027 kBTransfer

14658 kBSize

54 Cookies

27 Outgoing links

Page URL History

Redirected requests

327 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fox13now.com Open in urlscan Pro
13.32.99.93 Public Scan

Screenshot
Live screenshot

Full Image

327
Requests

91 %
HTTPS

36 %
IPv6

62
Domains

106
Subdomains

81
IPs

11
Countries

4027 kB
Transfer

14658 kB
Size

54
Cookies

327 HTTP transactions
4 data transactions